Application security engineer, up to $5000/month (negotiable), 40h/week, Kyiv

You may leave your CV on the desktop of hr@softseq.com (but better just email it :wink: )

What to do?

  • help design Secure SDLC in a mixed waterfall/agile environment (OWASP SAMM)
  • hands-on perform specialist appsec processes in SDLC (design review, Java code review, testing, etc)
  • help properly set up automation in CI/CD (so HP Fortify / HP WebInspect suck less)
  • basic performance testing to ensure system’s Availability (optional)
  • lead an appsec team that will be built by you and around you

What to know?

  • all parts of Secure SDLC - Governance, Design, Implementation, Verification, and Operations. Understand and communicate well the processes that minimize software vulnerabilities, be able to give specific examples and realistic how-to’s
  • web app security, in-depth and hands-on
  • English - upper-upper-intermediate+ or advanced, customer team is all foreign

What’s the project?

  • multiple web apps, predominantly Java
  • Saudi government agency - NOT defense/intelligence, public web apps