FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.
Application Security Engineer
Constructor TechApplication Security Engineer improving web application security practices at Constructor TECH. Involves threat modeling, vulnerability testing, and secure development practices.
Tech Stack
Tools & technologiesGoJavaScriptPythonSDLC
About the role
Key responsibilities & impact- Perform threat modeling, security architecture review, and design analysis for web applications and APIs.
- Conduct manual and automated security testing during development and pre-release stages.
- Design and implement security pipelines (including SAST and DAST) and integrate them into the SDLC process.
- Implement and manage SBOM generation and consumption processes across the SDLC.
- Collaborate with development teams to ensure timely remediation of identified vulnerabilities.
- Maintain security guidance aligned with OWASP best practices and provide trainings for development teams.
- Stay current with evolving application security threats, tools, and industry developments.
Requirements
What you’ll need- 3–5 years of experience in application security, with a focus on web applications and API security.
- Good knowledge of at least one scripting or programming language (e.g., Python, JavaScript, C#, or Go).
- Experience with tools like OWASP ZAP, Burp Suite, Snyk, or similar.
- Familiarity with secure coding, DevSecOps, and container security concepts.
- Strong understanding of CVE, CVSS, and vulnerability disclosure workflows.
- Excellent command of business English.
- Preferred Qualifications:
- Knowledge of SBOM standards (CycloneDX, SPDX) and experience integrating SBOM tooling into CI/CD pipelines.
- Knowledge of software composition analysis (SCA) tools.
Benefits
Comp & perks- 💻 Choice of work equipment (e.g., laptop, monitor, etc.)
- 🇬🇧 English classes (iTalki – $130 monthly)
- ⏰ Flexible schedule (we usually work between 09:00/10:00 and 18:00/19:00 CET or EET)
- 👶 Newborn bonus (€500 per child)
- 🧠 Patent remuneration
- 🌴 Paid leave
- 🧑💻 Remote work in locations without our offices
- Hybrid work in locations with offices (2 days in-office, 3 days remote)
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
threat modelingsecurity architecture reviewsecurity testingSASTDASTSBOM generationsecure codingDevSecOpssoftware composition analysisvulnerability disclosure workflows
Soft Skills
collaborationcommunicationtraining