Senior Security Engineer Slovakia or Remote
Senior Security Engineer Description
We are looking for a Security SAST Engineer with expertise in static application security testing, especially using GitHub CodeQL, to join our security team.
This role involves analyzing Java libraries and client projects to uncover security vulnerabilities and potential risks in the code. You’ll also be developing and maintaining CodeQL queries to enhance SAST coverage, as well as conducting false-positive/false-negative analyses to ensure accuracy in SAST results.
#LI-DNI
Responsibilities
- Conduct security analysis on Java libraries and SAP projects to identify vulnerabilities or unsafe code patterns
- Develop, test, and maintain custom CodeQL queries to improve SAST coverage and effectiveness
- Manage and update existing CodeQL queries to align with project needs and security standards
- Perform in-depth false-positive/false-negative analyses to refine SAST accuracy and reduce deviations in CodeQL results
Requirements
- Experience with SAST tools (preferably GitHub CodeQL) and a solid understanding of SAST workflows
- Basic proficiency in Java and ability to read and interpret code across various programming languages
- Experience with GitHub Actions and GitHub Advanced Security (GHAS) is a plus
- Knowledge in Python, JavaScript, and C# is an advantage
- Strong attention to detail and problem-solving skills for precise query writing and code analysis
Nice to have
- Experience with rule or query writing for SAST tools
- Background in secure coding practices and code review
We offer
- Opportunity to work in a fast-paced, agile, software engineering culture
- Benefit program (5 weeks of vacation, 5 paid sick days, meal vouchers, cafeteria and recreation bonuses, reimbursement of glasses, contribution to pension fund)
- Referral bonuses for recommended candidates
- English language courses
- Great learning and development opportunities, including in-house professional training, career advisory and coaching, sponsored professional certifications, well-being programs, LinkedIn Learning Solutions and much more
Certain benefits and perks may be subject to eligibility requirements and may be available only after you have passed your probationary period.