Application Security Engineer (Edtech)

TL;DR

Application Security Engineer (Cybersecurity): Designing and implementing secure development lifecycles for an educational platform with an accent on web application security, API protection, and software supply chain risk reduction. Focus on threat modeling, building SAST/DAST pipelines, and managing SBOM generation.

Location: Remote in Bulgaria, Germany, Italy, Serbia, or Turkey; hybrid options available for those near offices.

Company

An all-in-one platform for digital education and research powered by machine intelligence and data science.

What you will do

• Perform threat modeling, security architecture review, and design analysis for web applications and APIs.
• Conduct manual and automated security testing (SAST and DAST) during development and pre-release stages.
• Design and implement security pipelines and integrate them into the SDLC process.
• Implement and manage SBOM generation and consumption processes across the SDLC.
• Collaborate with development teams to ensure timely remediation of identified vulnerabilities.
• Maintain security guidance aligned with OWASP best practices and provide training for development teams.

Requirements

• 3–5 years of experience in application security, focusing on web applications and API security.
• Proficiency in at least one scripting or programming language (e.g., Python, JavaScript, C#, or Go).
• Experience with security tools such as OWASP ZAP, Burp Suite, Snyk, or similar.
• Strong understanding of CVE, CVSS, and vulnerability disclosure workflows.
• Familiarity with secure coding, DevSecOps, and container security concepts.
• Excellent command of business English.

Nice to have

• Knowledge of SBOM standards (CycloneDX, SPDX) and experience integrating SBOM tooling into CI/CD pipelines.
• Knowledge of software composition analysis (SCA) tools.

Culture & Benefits

• Flexible schedule (typically 09:00/10:00 to 18:00/19:00 CET or EET).
• Choice of work equipment (laptop, monitor, etc.).
• English classes reimbursement via iTalki ($130 monthly).
• Newborn bonus (€500 per child) and patent remuneration.
• Paid leave and a commitment to diversity and equal opportunity.