Application Security Engineer (100 remote-friendly within Poland)

As a Security Engineer you will have a crucial role in safeguarding our software products and contributing to our organizations success. Youll collaborate with development teams share your expertise and design robust security frameworks. With autonomy to set goals and work with cutting-edge technologies join us in creating a secure environment and driving our organization forward.

Your mission is to ensure the security and integrity of our software products. You will collaborate with development teams to identify and mitigate vulnerabilities while providing guidance on the best security practices. Together we can make a difference in software security and join us in this inspiring mission to make the healthcare experience more human.

Key Objectives 

• Collaborating with our development teams to build a secure SDLC that integrates security at every stage of the software development process.

• Researching and configuring security tooling to provide comprehensive security coverage.

• Defining security guidelines for our applications to ensure that every product we release is protected against any potential attacks.

• Consulting on new products which may include pen-testing threat modeling or designing secure solutions to ensure that they meet our high standards of security.

• Developing a vulnerability management system that identifies and mitigates potential threats before they reach production.

• Helping developers to understand security concepts and practices to foster a culture of security within our organization.

Qualifications :

• Relevant professional experience

  • Strong knowledge of application security secure coding practices and common risks and vulnerabilities.

  • Experience working as a partner with large distributed Product and Development teams.

  • Ability to identify and implement improvements to processes and procedures. 

  • Being able to automate routine tasks enhance existing solution (preferably knowledge of Python)

  • Experience working with cloud native and containerized environments (AWS/Azure Docker Kubernetes) knowledge of common security practices and testing approaches

  • Strong hands-on skills with testing and securing server-side and client-side apps

  • Experience working with common security certifications and supporting the GRC team.  Experience with ISO 2700X NIST C5 SOC2 PSI-DSS is a plus.

  • SDE background is a plus

  • Testing and securing AI-based projects (LLM RAG diffusion models fine-tuning pipelines prompt injection model extraction data poisoning) is a plus

  • Experience PHP and Javascript environments is a plus

• Communication excellence

  • Strong communication skills: you are able to explain complex topics in clear simple language and are skilled in educating guiding and supporting others.

• Experience working in a fast scaling digital company

  • You understand the environment of a global organization scaling at pace

  • Mindset of building for scale with a data-driven approach

• Strong Project Management Skills

  • Ability to set up goals and priorities for yourself and your peers to plan and organize work using project management tools like Jira.

Additional Information :

Lets talk money

• A salary adequate to your experience and skills.

• Share options plan after 6 months of working with us.

True flexibility and work-life balance

• Remote or hybrid work model with or hub in Warsaw;
• Flexible working hours (fully flexible as in most cases you only have to be on a couple of meetings weekly);
• 20/26 days of paid time off (depending on your contract);
• Additional paid day off on your birthday or work anniversary (you choose what you want to celebrate).

Health comes first 

• Private healthcare plan with Signal Iduna for you and subsidized for your family. 
• Multisport card co-financing for you to have access to sports facilities across Poland. 
• Access to iFeel a technological platform for mental wellness offering online psychological support and counseling. 

Keep growing with us

• 20% time rule: spend 20% of your working hours on your own growth;
• Free English classes.

We promote and embrace equal opportunities in our hiring process and also every day at work. When you apply for our roles you receive equal treatment regardless of age disabilities gender reassignment marital or civil partner status pregnancy or parental status race colour nationality ethnic or national origin religion or belief sex sexual orientation or any other dimension of human difference.  If you require additional support in your recruitment process we kindly encourage you to let us know. Behind those words youre reading theres a person (hi!) who already helped a candidate by adapting the interviews and now were lucky to have this person with us. So even if youve never asked for it before may this serve as a sign that now you can do so. We can only truly be equal if we adapt to each other.

We believe all humans in all their beautiful diversity should have equal rights dignity and respect. Period. Mariusz Gralewski  CEO

Remote Work :

Yes

Employment Type :

Full-time