Application Security Engineer

Job Description

Are you a seasoned Application Security Engineer with a passion for fintech innovation? An unparalleled opportunity awaits you with a rapidly growing Electronic Money Institution. With a global footprint spanning Australia, Cyprus, Lithuania, UK, Netherlands, USA, Israel, and Malta, our client is at the forefront of providing cutting-edge financial solutions.

Your Expertise Needed:

Join their mission to fortify the fintech realm against cyber threats. As an Application Security Engineer, you'll collaborate closely with cross-functional teams, ensuring the highest level of security across proprietary platforms. Your experience in Fintech is key as you work side by side with Software Developers, Product Managers, and QA Teams to ingrain secure coding practices, consult on secure product design, and validate vulnerability remediation.

You must have the right to legally reside and work in the Republic of Cyprus or be an EU citizen.
Employment is subject to a National Police check.

Your Impact:

• Spearhead the deployment of secure architecture and design principles, encompassing defense in depth, zero trust, and microservices.
• Conduct in-depth threat modeling and risk assessments, skillfully prioritizing security threats within fintech applications.
• Stay at the forefront of security trends, actively infusing your insights into our security strategy.
• Collaborate with globally recognized security standards and frameworks like PCI-DSS, ISO 27001, NIST, CIS, Swift CSCF, DORA, and PSD2.

About You:

• You boast a track record as an Application Security Engineer, fostering secure development practices within software teams.
• A degree in software development or security-related fields is your foundation, supplemented by practical experience – or equivalent
• Your arsenal includes familiarity with security methodologies like Microsoft SDL, OWASP OpenSAMM, and BSIMM.
• You possess a robust grasp of security activities – from requirements gathering to risk assessment and code review.
• Attack Surface Management (ASM) and the MITRE ATT&CK framework are your second nature.
• Your secure coding expertise covers encryption, hashing techniques, input validation, and output encoding.
• Securing CI/CD pipelines aligns with your principles, enforcing security-by-design and compliance.
• Certifications like CASE, CASS, CISSP, ISSAP, and CEH validate your prowess.
• Secure API design, authentication, and authorization are realms where you excel.
• Java, .NET, Swift, or nodeJS are your playgrounds for web application development.
• Bonus: You're familiar with PCI Software Security Framework, cybersecurity tools (Static Code Analysis, Dynamic Code Analysis, Software Composition Analysis, and Penetration Testing), and secure key management solutions.
• Your knowledge extends to standards like CIS Controls, CSA Cloud Controls Matrix, ISO27001, NIST Standards, and OWASP Top 10.
• Educating fellow employees on cybersecurity best practices is part of your DNA.