Remote Application Security Engineer (Remote in Bulgaria, Germany, Italy, Serbia, Turkey)

at Constructor TECH

Posted 3 days ago 3 applied

Description:

  • Constructor is on a mission to enable educational organizations to provide high-quality digital education efficiently.
  • The company has expertise in machine intelligence and data science, addressing challenges like access inequality and low student engagement.
  • The role of Application Security Engineer involves a strong background in web application security design, secure development practices, and vulnerability testing.
  • Key responsibilities include performing threat modeling, security architecture reviews, conducting security testing, designing security pipelines, managing SBOM processes, collaborating with development teams, maintaining security guidance, and staying updated on application security threats.

Requirements:

  • Candidates should have 3–5 years of experience in application security, focusing on web applications and API security.
  • A good knowledge of at least one scripting or programming language such as Python, JavaScript, C#, or Go is required.
  • Experience with security tools like OWASP ZAP, Burp Suite, Snyk, or similar is necessary.
  • Familiarity with secure coding, DevSecOps, and container security concepts is expected.
  • A strong understanding of CVE, CVSS, and vulnerability disclosure workflows is essential.
  • Excellent command of business English is required.
  • Preferred qualifications include knowledge of SBOM standards and experience integrating SBOM tooling into CI/CD pipelines, knowledge of software composition analysis tools, and relevant certifications such as GWAPT, OSWE, or CSSLP.

Benefits:

  • Employees can choose their work equipment, such as a laptop and monitor.
  • English classes are provided through iTalki, with a budget of $130 monthly.
  • A flexible work schedule is offered, typically between 09:00/10:00 and 18:00/19:00 CET or EET.
  • A newborn bonus of €500 per child is available.
  • Patent remuneration is provided.
  • Paid leave is included in the benefits package.
  • Remote work is allowed in locations without offices, and hybrid work is available in locations with offices (2 days in-office, 3 days remote).