Application Security Engineer

🕒 April 24

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

SOFTSWISS

WebsiteLinkedInAll Job Openings

1001 - 5000 employees

🎮 Gaming

Gaming • Software Development

SOFTSWISS is a leading provider of iGaming software solutions, offering a wide range of products including iGaming Platform, Sportsbook Platform, Game Aggregator, Jackpot Aggregator, and more. Established in 2009, SOFTSWISS has grown to employ over 1,700 people across 4 international offices in Poland, Georgia, Malta, and several remote locations. The company is known for its innovation in the iGaming industry, being the first Crypto iGaming provider in the world. SOFTSWISS not only promotes a dynamic and flexible work culture with comprehensive employee benefits but also commits to social responsibility by supporting various campaigns and initiatives.

📋 Description

• Partner with product teams during the design phase to facilitate threat modeling and risk assessment sessions. • Perform in-depth manual code reviews on critical applications to identify logical vulnerabilities as part of white-box security assessments. • Tune and adjust rulesets for automated security scanning tools to reduce false positives and improve detection rates. • Develop scripts and automation tools to streamline workflows and free up time for more complex analysis. • Assist developers in understanding security risks and threats discovered during risk assessments, threat modeling, and dynamic testing. • Triage vulnerabilities from the bug bounty program, collaborating with external researchers and internal engineering teams to resolve discovered flaws. • Collaborate with Dev/QA teams throughout the development lifecycle to enhance the application's security posture by providing dedicated security consulting, continuous knowledge sharing, and actionable guidance. • Develop and maintain the internal security knowledge base, including comprehensive secure coding guidelines and technical manuals for standard security features.

🎯 Requirements

• 1.5+ years of experience in application security, software development, or related technical roles. • Solid understanding of web fundamentals (e.g., HTTP/HTTPS protocols, cookie storage mechanisms, and session management). • Knowledge of web application security mechanisms and controls (e.g., SOP, CORS, CSP). • Comprehensive understanding of common web vulnerabilities (e.g., OWASP Top 10) and their practical mitigation strategies. • Knowledge of secure system and application architecture alongside secure-by-design principles. • Practical, hands-on expertise in identifying vulnerabilities through manual security assessments and secure code reviews. • Ability to clearly articulate and explain the business impact of identified threats and vulnerabilities to developers and product teams. • A strong security-first mindset with a continuous drive to learn and achieve excellence in the cybersecurity field. • University degree in Computer Science, Information Security, or a related field (or an equivalent combination of education and practical experience). • Intermediate or higher proficiency in English (B2 level or above) for effective technical communication.

🏖️ Benefits

• Full-time remote work opportunities and flexible working hours • Private insurance • Additional 1 Day Off per calendar year • Sports program compensation • Comprehensive Mental Health Programm • Free online English lessons with a native speaker • Generous referral program • Training, internal workshops, and participation in international professional conferences and corporate events.