About the job: Application Security Engineer
HRLabs specializes in connecting exceptional talent with leading companies.
We're partnering with a fast-growing fintech company that's transforming the way businesses get paid. As they continue to scale, we're looking for an Application Security Engineer to play a key role in transforming the FinTech space and take a central role in advancing and executing security initiatives. Working closely with cybersecurity and development teams, this individual will help align technical security efforts with broader business goals and compliance requirements. The role is crucial for maintaining a secure, reliable, and compliant environment in our fast-paced fintech landscape.
Key Responsibilities:
- Integrate and manage Snyk (SCA/SAST) to proactively uncover and address vulnerabilities across our code repositories.
- Build automation for security scans and reporting processes, tailoring rules to our architecture and minimizing false positives.
- Interpret scan outputs, assess risk levels using standards like CVSS, and provide clear remediation steps to development teams.
- Partner with engineers to promote secure coding practices, conduct code reviews, and run threat modeling sessions using frameworks such as OWASP Top Ten and ASVS.
- Provide expert guidance on secure application design, focusing on API security, data privacy, and robust authentication/authorization mechanisms.
- Drive security awareness by delivering training sessions and workshops to instill a security-first mindset across engineering.
Your Background:
- At least 2 years of hands-on experience in application security, with practical use of tools like Snyk.
- A strong development background in PHP and/or .NET, with a solid grasp of secure coding techniques in these environments.
- Knowledge of common security standards and frameworks (e.g., OWASP, ASVS, NIST, ISO 27001).
- Excellent skills in risk analysis, communication, and technical documentation.
Nice to have:
- Relevant security certifications (e.g., OSWE).
- Experience with tools like SonarQube and integration of security processes with platforms like Jira.
- A track record of automating security workflows and embedding security into CI/CD pipelines.
What You'll Get:
- A competitive compensation package designed to reward your expertise
- 25 days of paid annual leave
- Premium health insurance with full dental and optical coverage
- Monthly meal vouchers worth 200 BGN
- Fully covered Multisport card for your fitness and wellness needs
- Free snacks, drinks, and barista-quality coffee available in the office
Location: Sofia
Interested in this role?
Submit your CV and let's talk. We'd love to share more details!
All documents will be treated in the strictest confidentiality.
Only short-listed candidates will be invited for an interview.
HRLabs has License 3357/13.07.2022