We’re BrainRocket — an international software development and digital solutions company driven by 1,300 talented professionals across Cyprus, Malta, and Portugal.
Here, everything moves at rocket speed: driving innovation, pioneering projects, and fast-tracking careers.
Together, we turn ideas into action — let’s get started!
We invite a Senior Application Security Engineer to join our team.
Global Remote
Available for Senior roles in selected jurisdictions.
Responsibilities
* Demonstrated ability to collaborate with other teams to achieve complex objectives.
* Responsible for security architecture design from cloud infrastructure to application through the implementation of \"secure by design\" principles.
* Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
* Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
* Define required policies, controls, and capabilities for the protection of products and environments.
* Build and validate declarative threat models automation.
* Participate in engineering teams’ product planning cycles and committees.
* Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.
* Serve as a trusted cyber security advisor to product and application teams.
Qualifications
* Minimum of 3 years experience as an Application Security Engineer.
* Experience integrating security scanning/tooling into development pipeline.
* Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
* Strong understanding of supply chain security, software integrity, and secure software delivery.
* Experience with docker and mesh technologies (such as ISTIO).
* Experience with architecture and security reviews, threat modeling and applications risk highly desired.
* Experience working with Agile methodologies.
* Knowledge of privacy laws and regulations, such as GDPR desired.
* Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.
* In-depth experience with architecting secure services on Kubernetes.
* Extensive experience with architecting secure services on AWS or on-prem data centers.
* Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH is highly desirable.
Benefits
* Learning and development opportunities and interesting, challenging tasks.
* Opportunity to develop language skills, with partial compensation for the cost of English classes.
* Time for proper rest, with 20 working days of annual vacation.
* Competitive remuneration level with annual review.
Bold moves start here. Make yours. Apply today!
#J-18808-Ljbffr