Lead Application Security Engineer Remote
Description
SEE YOURSELF IN THIS ROLE
We are in search of a Lead Application Security Engineer to become a part of our team. The preferred candidate should possess a background in software development along with substantial experience in application security.
In this role, you will be accountable for overseeing the application security program for a worldwide investment company. In addition to enhancing security practices, you will be required to conduct root-cause analyses on identified issues.
It is a fully remote position offering you the flexibility to work from any location in Poland, whether it's your home or one of our well-equipped offices in Gdansk, Katowice, Krakow, Lodz, Warsaw, or Wroclaw.
What You’ll Do
- Oversee the Application Security program
- Conduct threat modeling activities
- Collaborate with teams to prioritize issues and provide explanations regarding the nature of problems
- Manage processes such as remediation, mitigation, reporting, and cadence
- Address troubleshooting needs when tools encounter issues or when the team faces onboarding challenges
- Perform SAST, SCA, IaC, DAST, and API security scans on internally developed code using tools such as Checkmarx, CheckmarxOne, and SonarQube
- Evaluate scan results to distinguish between true positives and false positives
- Work closely with developers to understand results and determine optimal patch options
- Provide guidance on the intricacies of configuring pipelines in Azure DevOps (ADO) for automating the scanning process
What You Have
- 5+ years of experience in Application Security
- Expertise in OWASP Top 10
- Strong understanding of Security Programs
- Knowledge of Python is considered a plus
Nice to have
- Familiarity and experience with scripting languages (Bash)
- Background in Vulnerability Management
We Offer
- We gather like-minded people:
  - Friendly team and enjoyable working environment
  - Engineering community of industry professionals
  - Flexible schedule and opportunity to work remotely within Poland
  - Chance to work abroad for up to 60 days annually
  - Relocation within our 50+ offices
- We provide growth opportunities:
  - Outstanding career roadmap
  - Leadership development, career advising, soft skills and well-being programs
  - Certification (GCP, Azure, AWS)
  - Unlimited access to LinkedIn Learning
  - Language classes in English and Polish for foreigners
- We cover it all:
  - Stable income (Employment Contract or B2B)
  - Participation in the Employee Stock Purchase Plan
  - Referral bonuses
  - Benefits package (health insurance, multisport, shopping vouchers)
  - Strategically located offices featuring entertainment and relaxation zones, table tennis and football, free snacks, fantastic coffee, and much more
  - Corporate and social events
- We may contact chosen candidates only
About EPAM
- EPAM is a leading global provider of digital platform engineering and development services. We embrace a dynamic and inclusive culture, where you will collaborate with multi-national teams, contribute to a myriad of innovative projects, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.