SEE YOURSELF IN THIS ROLE
We are in search of a Lead Application Security Engineer to become a part of our team. The preferred candidate should possess a background in software development along with substantial experience in application security.
In this role, you will be accountable for overseeing the application security program for a worldwide investment company. In addition to enhancing security practices, you will be required to conduct root-cause analyses on identified issues.
It is a fully remote position offering you the flexibility to work from any location in Poland, whether it's your home or one of our well-equipped offices in Gdansk, Katowice, Krakow, Lodz, Warsaw, or Wroclaw.
What You'll Do
- Oversee the Application Security program
- Conduct threat modeling activities
- Collaborate with teams to prioritize issues and provide explanations regarding the nature of problems
- Manage processes such as remediation, mitigation, reporting, and cadence
- Address troubleshooting needs when tools encounter issues or when the team faces onboarding challenges
- Perform SAST, SCA, IaC, DAST, and API security scans on internally developed code using tools such as Checkmarx, CheckmarxOne, and SonarQube
- Evaluate scan results to distinguish between true positives and false positives
- Work closely with developers to understand results and determine optimal patch options
- Provide guidance on the intricacies of configuring pipelines in Azure DevOps (ADO) for automating the scanning process
What You Have
- 5+ years of experience in Application Security
- Expertise in OWASP Top 10
- Strong understanding of Security Programs
- Knowledge of Python, which would be considered as a plus
Nice to have
- Familiarity and experience with scripting languages (Bash)
- Background in Vulnerability Management
We Offer
We gather like-minded people:
- Friendly team and enjoyable working environment
- Engineering community of industry's professionals
- Flexible schedule and opportunity to work remotely within Poland
- Chance to work abroad for up to 60 days annually
- Relocation within our 50+ offices
We provide growth opportunities:
- Outstanding career roadmap
- Leadership development, career advising, soft skills and well-being programs
- Certification (GCP, Azure, AWS)
- Unlimited access to LinkedIn Learning, Get Abstract, O'Reilly, Cloud Guru
- Language classes on English and Polish for foreigners
We cover it all:
- Stable income (Employment Contract or B2B)
- Participation in the Employee Stock Purchase Plan
- Referral bonuses
- Benefits package (health insurance, multisport, shopping vouchers)
- Strategically located offices featuring entertainment and relaxation zones, table tennis and football, free snacks, fantastic coffee, and many more
- Corporate and social events
We may contact chosen candidates only
About EPAM
EPAM is a leading global provider of digital platform engineering and development services. We embrace a dynamic and inclusive culture, where you will collaborate with multi-national teams, contribute to a myriad of innovative projects, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.
Why EPAM