About Infiterra
Infiterra enables IT distributors, Managed Service Providers (MSPs), and telcos to succeed in the subscription economy. Our subscription commerce platform automates and unifies subscription workflows – from quote to bill – driving operational efficiency, billing accuracy, and scalable growth. Recognized as a global leader in subscription commerce, Infiterra combines innovation, performance excellence, and trusted expertise to help partners transform and grow.
About The Role
We’re looking for a Senior Application Security Engineer to embed security into how we design, build, and operate software; not as an afterthought, but as part of everyday engineering. You’ll work hands‑on with product and engineering teams to identify risks early, improve secure‑by‑design practices, and continuously raise the bar of our application security posture. This is a practical AppSec role: close to the code, close to the architecture, and deeply integrated into the SDLC. Infiterra’s headquarters are located in Thessaloniki, Greece, and the Engineering team is distributed across various locations throughout the country. This role is fully remote.
What You’ll Do
Embed security into the SDLC
* Integrate security activities across all SDLC phases: requirements, design, implementation, testing, deployment, and maintenance.
* Partner closely with engineering teams to ensure secure development practices are applied consistently.
* Review security controls for new features, services, and architectural changes.
Threat modeling & secure design
* Run threat modeling sessions (e.g. STRIDE) for new and existing systems.
* Identify threats, attack paths, misconfigurations, and insecure design patterns.
* Collaborate with engineers to ensure systems follow secure‑by‑design principles.
Secure code & architecture reviews
* Perform security-focused code reviews to identify vulnerabilities and risky implementations.
* Provide clear, actionable guidance on secure coding patterns and best practices.
* Assess application and system architectures from a security perspective.
Security testing & tooling
* Perform manual and automated web application security testing (e.g. injection flaws, auth issues, access control gaps, insecure configs, logic flaws).
* Operate, tune, and improve AppSec tooling (SAST, DAST, SCA, secrets scanning, dependency scanning).
* Integrate and automate security checks within CI/CD pipelines.
* Identify gaps in tooling and recommend or introduce improvements.
Incident response support
* Support engineering teams during application security incidents or vulnerability disclosures.
* Contribute to triage, impact assessment, and root cause analysis.
* Ensure lessons learned are fed back into design, tooling, and processes.
Security awareness & enablement
* Enable engineers through training, documentation, and hands‑on guidance.
* Create and maintain secure coding guidelines, checklists, and internal resources.
* Act as a trusted security partner, not a blocker.
Core Requirements
* Strong understanding of secure software development principles.
* Solid knowledge of common vulnerability classes (OWASP Top 10, CWE).
* Experience working within modern SDLCs and agile development workflows.
* Hands‑on experience with application security tools (SAST, DAST, SCA, etc.).
* Experience integrating security tooling into CI/CD pipelines.
* Experience with web application security testing.
* Ability to assess risk pragmatically and prioritize remediation.
* Understanding of cloud‑native architectures, APIs, and microservices.
* Background working closely with product and engineering teams.
Nice to have
* Exposure to security metrics, maturity models, or AppSec program building.
Benefits
* Fully remote work.
* Work‑from‑anywhere scheme (travel and work).
* Flexible working hours.
* Health and life insurance program.
* Learning & development budget.
* Tech‑driven, friendly team with an international mindset.
Apply
If you feel you’re a great fit, please apply! We’d love to hear from you!
All applications will be treated with confidentiality. Please note that due to the high volume of CVs received, only candidates who are a good fit will be contacted for an interview.
As part of our commitment to diversity in the workforce, Infiterra is dedicated to Equal Employment Opportunity, ensuring that all individuals are treated with respect and consideration without regard to race, color, national origin, ethnicity, gender, disability, sexual orientation, gender identity, or religion.
#J-18808-Ljbffr