Project Overview:

Application Security engineers are working with product teams to help deliver secure products. As shift-left evangelists, we want to focus on pre-code activities in product planning and development. This includes reviewing early-stage designs, developing threat models, preparing security requirements, and scaling impact by curating security patterns, guidance, and training. 

This is a proactive role, and we are looking for passionate people who will help us build end-to-end security in close collaboration with DevSecOps, Architecture, and Engineering chapters and product teams.  

Альона Кацел
  • You will be the primary security engineer for software products and act as the point of contact for engineering and security.  
  • Prepare security requirements based on company policies and best industry security standards. 
  • Design, build and review security-related services and functions of web applications and mobile services.  
  • Implement best security practices in Cloud Platforms (Azure). 
  • Validate vulnerabilities from SCA, SAST, IAST/DAST, and image scanning solutions, and coordinate remediation. 
  • Conduct product security threat and risk assessments for software products regularly (OWASP Threat Dragon or similar tool).  
  • Classify data and applications based on business risk. Establish a simple classification system to represent risk-tiers for applications.  
  • Collaborate with product & development managers to assess and prioritize security-related tasks in the development backlog.  
  • Improve and adopt security best practices in testing, automation, and continuous integration pipelines.
  • 2+ years of demonstrated experience in the Secure SDLC approach. Ability to describe goals, steps, processes, etc. Possess the ability to lead the implementation of security controls in the development team;
  • Experience in conducting threat assessments, building threat models, and creating remediation plans/requirements based on the results of threat assessments;
  • Solid knowledge of OWASP Top 10 and understanding of OWASP testing guide;
  • Demonstrated experience in verifying results from SCA, SAST, IAST/DAST, and image scanning solutions;
  • Experience in risk management, its purpose, and its approaches; 
  • Hands-on experience in scripting/coding in Python and Bash;
  • Ability to develop and conduct security training and workshops (e.g., General security training, threat modeling);
  • Proficiency in communicating over a text-based medium (MS Teams, Jira/Confluence, Email) and ability to concisely document technical details; 
  • Excellent interpersonal and verbal communication skills.  
Nice to have:
  • 3+ years of related technical experience in Product Security Architecture or Engineering;
  • 3+ years of experience in Cloud Platforms (Azure).



Higher Education:
  • Bachelor's Degree.


Тебе також можуть зацікавити

Чому варто приєднатись до команди INTELLIAS

У нас ти знайдеш доброзичливе середовище та можливості навчатися й зростати щодня.

Можливості релокації в INTELLIAS

Отримуй новий досвід та відкривай нові горизонти, знаходячись лише в декількох годинах подорожі…

Підтримка здоров’я та спорту

Ми докладаємо максимум зусиль, щоб забезпечити комфортні умови для консультантів компанії, та піклуємося…

Як стати частиною команди INTELLIAS

Ми робимо все можливе, щоб спростити та прискорити твій шлях до нашої команди. Будемо раді бачити тебе...
Dropzone.autoDiscover = false;