N-iX is a software development service company that helps businesses across the globe develop successful software products. During 20 years on the market and by leveraging the capabilities of Easter Europe talents, the company has grown to 2000+ professionals with a broad portfolio of customers in the area of Fortune 500 companies as well as technological start-ups. With its headquarters in Lviv, Ukraine, the company also has multiple development offices in the East European region and representative entities in the United States of America, Sweden, and Malta.
Throughout the years of its operations, the company has developed strong expertise in such fields as digital turn-key solutions engineering, cloud services, big data & analytics, user experience design, engineering excellence, digital platforms integration, and its own R&D in different domains such as financial services & banking, telecommunications, e-commerce, automotive, manufacturing, and others.
We seek an experienced Application Security Engineer to join our Business Resilience team. The Application Security Engineer will be participating in building the new application solutions, reviewing the architecture and requirements for the existing applications, reviewing the application development process, and performing security testing of the applications or customer organizations.
Duties:
- Participate in new solutions design and architecture.
- Analyze requirements for security-related matters.
- Review application architecture for adherence to secure application design principles.
- Do source code analysis.
- Conduct secure SDLC analysis and improvement.
- Perform security testing and assessment of the applications and organizations.
- Conduct general cybersecurity reviews and consultancy.
Knowledge and Experience:
- 4+ years experience in information security, application security, or other related areas.
- 7+ years of IT-related experience.
- Knowledge of secure design principles.
- Up-to-date knowledge of cybersecurity trends and industry.
- Operational knowledge of modern operating systems and networking.
- Experience with common cloud services: AWS, GCP, and Azure.
- Network Security basics and expertise in network pentesting.
- Security testing of web applications, web services, mobile apps, and IT infrastructure.
- Ability to apply modern Application Security methodologies and frameworks.
- Ability to use at least one modern programming language.
- Practical experience with offensive security tooling (e.g. BurpSuite, Nmap, SQLMap, etc.).
- Solid understanding of enterprise technologies and security tooling landscape.
- Understanding of security best practices and common standards.
- Fluent English.
- Personal Attributes:
- Quick starter and learner
- Readiness to lead the practice and grow the team, potentially to become the practice lead.
- Curiosity and enthusiasm to be involved in various types of engagement with numerous customers.
- Strong interpersonal and oral communication skills (English).
- Ability to work in an unsupervised mode within scope and time constraints.
Certifications:
- An offensive security certificate (e.g. OCSP) will be a big plus.
- ISC2 or ISACA certifications will be a plus.
We offer:
- Flexible working format - remote, office-based or flexible
- A competitive salary and good compensation package
- Personalized career growth
- Professional development tools (mentorship program, tech talks and trainings, centers of excellence, and more)
- Active tech communities with regular knowledge sharing
- Education reimbursement
- Paid vacation days, sick leaves, and days off
- Healthcare & Sport program
- Medical insurance
- Memorable anniversary presents
- Corporate events and team buildings
Europe, Colombia
