We are looking for a Lead Application Security Engineer to join our team. The preferred candidate should have a background in software development and substantial experience in application security.

In this role, you will be accountable for overseeing the application security program for a worldwide investment company. In addition to enhancing security practices, you will be required to conduct root-cause analyses on identified issues.

Responsibilities

• Oversee the Application Security program
• Conduct threat modeling activities
• Collaborate with teams to prioritize issues and provide explanations regarding the nature of problems
• Manage processes such as remediation, mitigation, reporting, and cadence
• Address troubleshooting needs when tools encounter issues or when the team faces onboarding challenges
• Perform SAST, SCA, IaC, DAST, and API security scans on internally developed code using tools such as Checkmarx, CheckmarxOne, and SonarQube
• Evaluate scan results to distinguish between true positives and false positives
• Work closely with developers to understand results and determine optimal patch options
• Provide guidance on the intricacies of configuring pipelines in Azure DevOps (ADO) for automating the scanning process

Requirements

• 5+ years of experience in Application Security
• Expertise in OWASP Top 10
• Strong understanding of Security Programs
• Knowledge of Python, which would be considered as a plus

Nice to have

• Familiarity and experience with scripting languages (Bash)
• Background in Vulnerability Management

We offer

• We gather like-minded people:
  • Engineering community of industry professionals
  • Friendly team and enjoyable working environment
  • Flexible schedule and opportunity to work remotely within Poland
  • Chance to work abroad for up to 60 days annually
  • Relocation within our 50+ offices
• We provide growth opportunities:
  • Outstanding career roadmap
  • Leadership development, career advising, soft skills, and well-being programs
  • Certification (GCP, Azure, AWS)
  • Unlimited access to LinkedIn Learning, Get Abstract, O’Reilly, Cloud Guru
  • Language classes in English and Polish for foreigners
• We cover it all:
  • Stable income (Employment Contract or B2B)
  • Participation in the Employee Stock Purchase Plan
  • Benefits package (health insurance, multisport, shopping vouchers)
  • Strategically located offices featuring entertainment and relaxation zones, table tennis and football, free snacks, fantastic coffee, and more
  • Referral bonuses
  • Corporate, social and well-being events
• Please, note:
  • The set of bonuses might vary based on the role you apply for – specifics will be discussed with our recruiter during the general interview
  • We will reach out to selected candidates exclusively

EPAM is a leading global provider of digital platform engineering and development services. We are committed to having a positive impact on our customers, our employees, and our communities. We embrace a dynamic and inclusive culture. Here you will collaborate with multi-national teams, contribute to a myriad of innovative projects that deliver the most creative and cutting-edge solutions, and have an opportunity to continuously learn and grow. No matter where you are located, you will join a dedicated, creative, and diverse community that will help you discover your fullest potential.