Application Security Engineer

<div class="content-intro"><p>Sofia Stars is an operational services company based in Sofia. We offer a range of solutions for online businesses, including R&amp;D, Marketing, Customer Support, KYC, Risk, and Anti-Fraud services. With 300+ bright stars on our team, we deliver secure, reliable solutions with a touch of quality that shines.&nbsp;When you join us, you’ll be part of a place where ideas light up, and growth isn’t just a promise—it’s a journey.&nbsp;</p></div><p>We invite&nbsp;<strong>a Senior Application Security Engineer </strong>to join our team.</p> <p><span class="Yjhzub">🌎 <span style="text-decoration: underline;">Global Remote Mobility:</span> Available for Senior roles in selected jurisdictions.</span></p> <p>✅&nbsp;<strong>Responsibilities:<br></strong>✔️ Demonstrated ability to collaborate with other teams to achieve complex objectives.<br>✔️ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.<br>✔️ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.<br>✔️ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.<br>✔️ Define required policies, controls, and capabilities for the protection of products and environments.<br>✔️ Build and validate declarative threat models automation.<br>✔️ Participate in engineering teams’ product planning cycles and committees.<br>✔️ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.<br>✔️ Serve as a trusted cyber security advisor to product and application teams.</p> <p>✅ <strong>Minimum Requirements:</strong><br>✔️ Experience integrating security scanning/tooling into the development pipeline.<br>✔️ Experience in analysing and securing microservices and applications developed using JavaScript and Typescript.<br>✔️ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).<br>✔️ Hands-on development experience in Python/shell scripting.<br>✔️ Strong understanding of supply chain security, software integrity, and secure software delivery.<br>✔️ Experience with Docker and mesh technologies (such as ISTIO).<br>✔️ Experience with architecture and security reviews, threat modelling, and application risk is highly desired.<br>✔️ Experience working with Agile methodologies.<br>✔️ Knowledge of privacy laws and regulations, such as GDPR desired.<br>✔️ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.</p> <p>✅ <strong>PREFERRED QUALIFICATIONS:</strong><br>✔️ In-depth experience with architecting secure services on Kubernetes.<br>✔️ Extensive experience with architecting secure services on AWS or on-prem data centers.<br>✔️ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH, are highly desirable.</p> <p>✅ <strong>We offer excellent benefits, including but not limited to:</strong><br>🏖️ Up to 25 vacation days;&nbsp;<br>🤒 6 Undocumented Sick Leave Days;&nbsp;<br>💷 Monthly food vouchers (102 EUR);&nbsp;<br>🏥 Private Medical Insurance;&nbsp;<br>🏋🏼 Multisport Card;&nbsp;<br>🎁 Birthday, Wedding and Newborn gifts;&nbsp;<br>🍔 Breakfast, Friday lunches, fruits, and snacks in the office;&nbsp;<br>🎭 Monthly company activities and team-building events;&nbsp;<br>🚀 Career growth opportunities.</p><div class="content-conclusion"><p>Ready to shine? Let’s make it real.</p> <p><strong>By submitting your application, you agree to our&nbsp;<a href="https://www.sofiastars.com/privacy-policy" target="_blank">Privacy Policy.</a></strong></p></div>