Application Security Engineer

TL;DR

Application Security Engineer: Shaping and enhancing the security of Veeam products through security assessments, vulnerability scanning, and penetration testing with an accent on secure development practices and source code audits. Focus on integrating security into the SDLC, threat modeling, and utilizing automated analysis tools.

Location: Office-based in Berlin (Germany) or Lisbon (Portugal). Remote work is possible only if based in Poland.

Company

hirify.global is a global market leader in data resilience, providing data backup, recovery, portability, security, and intelligence solutions to over 550,000 customers worldwide.

What you will do

• Conduct regular security assessments, vulnerability scanning, and penetration testing of Veeam products.
• Integrate secure development practices into the software development lifecycle.
• Collaborate on the design and implementation of security within Veeam products.
• Perform threat modeling and design reviews for new and existing products.
• Conduct manual source code security audits.
• Utilize automated application-analysis tools for security analysis.

Requirements

• Ability to read source code in programming languages (such as C/C++/C#/JavaScript).
• A good understanding of the principles of secure software development.
• A desire to develop in the field of application security.
• Lively and flexible mind, clear logic, and analytical skills.
• Ability to work as part of a team.
• English: B2 proficiency for daily communication required.
• Location: Must be based in Poland for remote work, or be able to work onsite in Berlin (Germany) or Lisbon (Portugal).

Nice to have

• Knowledge of scripting languages (Python, PowerShell, Bash, Ruby).
• Knowledge of modern cryptographic algorithms.
• Experience with DAST and SAST tools.
• Skills using OWASP ZAP, Burp Suite, Kali Linux tools.
• Security certifications such as OSCP, CEH, CSSLP, CCSP, AWS Certified Security.
• Familiarity with cloud platforms (such as AWS/Azure/GCP).
• Experience playing CTF or HackTheBox.
• Experience with bug bounty hunting.

Culture & Benefits

• 26 paid days off annually, plus 3 global VeeaMe Days for self-care and volunteer time.
• Paid parental, maternity, and paternity leave.
• Fully covered family medical plan, dental, rehab, and vaccinations.
• Life, critical illness, and disability insurance; employer pension contribution via PPK.
• Monthly Edenred allowance of 450 PLN for meals.
• MultiSport card fully covered by Veeam, giving access to sports facilities nationwide.
• Six free therapy sessions, plus legal and financial advice.
• Professional training and education, including courses, workshops, and unlimited access to online learning platforms (LinkedIn Learning, Athena, O’Reilly).