Plus
Включить Plus
Назад
Company hidden
1 день назад

Senior Application Security Engineer (Portugal)

Формат работы
remote (только Portugal)
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
Portugal
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Senior Application Security Engineer (AppSec): Embed security into SDLC, conduct threat modeling and secure code reviews, perform security testing for subscription commerce platform with an accent on practical integration into engineering practices. Focus on identifying risks early, improving secure-by-design principles, and enhancing application security posture through close collaboration with product and engineering teams.

Location: Portugal (Remote)

Company

hirify.global enables IT distributors, MSPs, and telcos to succeed in the subscription economy with a platform that automates subscription workflows from quote to bill.

What you will do

  • Integrate security activities across all SDLC phases and partner with engineering teams for consistent secure practices.
  • Run threat modeling sessions using STRIDE to identify threats and ensure secure-by-design principles.
  • Perform security-focused code and architecture reviews with actionable guidance on secure coding.
  • Conduct manual and automated web application security testing and operate AppSec tools like SAST, DAST, SCA.
  • Integrate and automate security checks in CI/CD pipelines and recommend tooling improvements.
  • Support incident response, triage vulnerabilities, and enable engineers through training and documentation.

Requirements

  • Strong understanding of secure software development principles.
  • Solid knowledge of OWASP Top 10 and CWE vulnerability classes.
  • Experience with modern SDLCs, agile workflows, and integrating security tools into CI/CD.
  • Hands-on web application security testing and risk assessment skills.
  • Understanding of cloud-native architectures, APIs, and microservices.
  • Background working closely with product and engineering teams.

Nice to have

  • Exposure to security metrics, maturity models, or AppSec program building.

Culture & Benefits

  • Fully remote work with work-from-anywhere scheme.
  • Flexible working hours.
  • Health and life insurance program.
  • Learning & development budget.
  • Tech-driven, friendly team with international mindset.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →