Senior Application Security Specialist

🕒 April 21

EcoVadis

1001 - 5000 employees

Founded 2007

☁️ SaaS

📋 Compliance

🏢 Enterprise

💰 Secondary Market on 2022-11

EcoVadis is a SaaS company that offers sustainability intelligence solutions for companies of any size and industry, focused on managing ESG risk, compliance, and corporate sustainability goals. The platform provides services like sustainability ratings, risk mapping, carbon management, and due diligence to help companies improve their sustainability performance. EcoVadis covers over 180 countries and 220 industries, offering detailed insights to support supply chain sustainability and compliance with global regulations. The company also provides resources such as the EcoVadis Learning Academy to help companies meet specific sustainability targets, including net-zero carbon goals. EcoVadis serves a broad range of industries, including finance, pharmaceuticals, consumer goods, and more.

📋 Description

• Design, implement, and maintain security gates within CI/CD pipelines
• Explore and deploy AI-powered security tools to enhance vulnerability detection and automate triage
• Conduct regular internal penetration tests on web, mobile, and AI-based applications
• Coordinate with external security firms for third-party audits and manage the end-to-end remediation process
• Conduct security reviews and threat modeling specifically for AI-driven features
• Lead threat modeling sessions with architects and developers to identify potential attack vectors
• Perform regular security assessments, triage findings, and coordinate with engineering teams to prioritize remediation
• Establish guidelines and best practices for the secure use of AI coding assistants
• Conduct manual and automated deep-dive code reviews
• Act as a security consultant for product teams, providing guidance on OWASP Top 10 and secure coding standards
• Periodically monitor high-level availability and performance dashboards

🎯 Requirements

• 3+ years of professional experience in Application Security, Penetration Testing, or Secure Software Development
• Practical experience with Azure cloud solutions and securing SaaS platforms
• Familiarity with the OWASP Top 10 for LLM Applications and common risks associated with Generative AI and Machine Learning models
• Understanding of common web and mobile application vulnerabilities (e.g., OWASP Top 10, SANS Top 25) and how to remediate them using industry-standard methodologies (e.g., OWASP WSTG)
• Hands-on experience with application security tools
• Experience integrating security checks into CI/CD pipelines (e.g., Azure DevOps)
• Bachelor’s or Master’s degree in Computer Science, Cyber Security, or a related technical field
• Excellent English communication skills to explain complex security, AI, and pentesting risks to various stakeholders
• Excellent communication, facilitation, and negotiation skills, with the ability to explain complex security, AI, and pentesting risks to various stakeholders
• Fluency in English (written and verbal)

🏖️ Benefits

• Support with all the necessary office and IT equipment
• Flexible working hours
• Wellness allowance for mental and physical wellbeing
• Access to professional mental health support
• Referral bonus policy
• Learning and development
• Sustainability events and community involvement
• Peer recognition program
• Employee-led resource groups
• Optional (fully covered or co-financed) health care and life insurance
• Multisport card
• Multikafeteria
• Lunch card
• Hybrid work organization
• Remote work from abroad policy
• Internet and Electricity bill allowance
• Additional day for community service when volunteering
