Application Security Engineer (Remote in Bulgaria, Germany, Italy, Serbia, Turkey)

Tasks

• Apply CVSS risk scoring
• Build DAST pipelines
• Build SAST pipelines
• Collaborate on vulnerability remediation
• Conduct Security architecture review
• Deliver security training
• Design web application and API security
• Generate SBOMs
• Identify and assess CVEs
• Integrate security tools into SDLC
• Maintain OWASP security guidance
• Manage SBOM consumption
• Perform threat modeling
• Run automated security testing
• Run manual security testing
• Support vulnerability disclosure workflows

Perks/Benefits

• Remote work

Skills/Tech-stack

API Security | Application Security | Bill of Materials | Burp Suite | CI/CD | CVE | CVE Analysis | CVSS | Composition analysis | Container Security | CycloneDX | DAST | DevSecOps | OWASP | OWASP ZAP | SAST | SBOM management | SCA Tools | SPDX | Secure Coding | Secure SDLC | Security Architecture | Security Testing | Snyk | Software Bill of Materials | Software Composition | Software Composition Analysis | Threat modeling | Vulnerability Disclosure | Vulnerability Management | Web Application | Web application security