Application Security / Product Security Engineer

Itransition Group
Málaga, Spain
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Remote
Málaga, Spain

Tech stack

JIRA
Cloud Computing Security
Computer Security
Continuous Integration
Github
Issue Tracking Systems
Open Source Technology
Systems Development Life Cycle
Secure Coding
Software Engineering
Software Vulnerability Management
Diagnostic Tools
Software Security
Kubernetes
Devsecops
Static Application Security Testing
Vulnerability Analysis
Dynamic Application Security Testing

Job description

We are looking for an Application Security / Product Security Engineer to support and improve security processes across the software development lifecycle (SDLC) and CI/CD environments for our client.

In this role, you will work closely with engineering teams to help implement and maintain security controls, improve vulnerability management processes, support compliance initiatives, and strengthen secure development practices across modern software delivery pipelines.

Office remote
European Union
Ukraine

Requirements

2-5 years of experience in Application Security, Product Security, DevSecOps, Security Operations, or related cybersecurity roles
General understanding of Secure SDLC and application security principles
Experience working with security tools or processes related to vulnerability management, CI/CD security, or dependency/security scanning
Familiarity with Jira or similar ticketing/tracking systems
Understanding of common application security risks and vulnerabilities
Ability to document processes and communicate effectively with technical teams
English skills sufficient for technical communication and participation in project discussions

Nice to have

Hands-on experience with SCA tools such as FOSSA, Snyk, Mend, Black Duck, or similar
Familiarity with open-source license compliance processes
Experience with secret detection tools, pre-commit hooks, or CI/CD secret scanning
Experience integrating security controls into GitHub Actions or other CI/CD platforms
Familiarity with vulnerability remediation workflows and SLA tracking
Experience with asset inventory tools such as NetBox
Experience supporting audits or compliance initiatives (ISO *****, SOC 2, etc.)
Familiarity with SAST, DAST, container scanning, or cloud security tooling
Experience working in cloud-native or Kubernetes environments

Responsibilities

Support Software Composition Analysis (SCA) processes and open-source license compliance activities
Help implement and maintain secret detection practices, including pre-commit hooks and CI/CD secret scanning
Participate in vulnerability management activities: vulnerability scanning, triage and prioritization, Jira ticket tracking, remediation follow-up and SLA monitoring
Collaborate with engineering teams to improve Secure SDLC and CI/CD security practices
Support security tooling integrations within CI/CD pipelines (e.g., GitHub Actions)
Maintain security-related documentation and assist with audit/compliance activities
Contribute to asset inventory and security governance processes
Work with development and infrastructure teams to improve overall security posture

Benefits & conditions

We offer

Projects for such clients as PayPal, Wargaming, Xerox, Philips, Adidas and Toyota
Competitive compensation that depends on your qualification and skills
Career development system with clear skill qualifications
Flexible working hours aligned to your schedule
Options to work remotely
Corporate medical insurance covering services of private and public medical centers
English courses online
Corporate parties and events for employees and their children
Internal conferences, workshops and meetups for learning and experience sharing
Gym membership compensation
5 days of paid sick leave per year with no obligation to submit a sick-leave certificate

Any questions?
