Principal Application Security Engineer
Krakow
Backbase
We are the pioneers of Engagement Banking. Our industry-leading platform helps banks and other financial institutions get closer to their customers like…The Job in short
Keep millions of users and their banking data safe and secure.
Meet the job
No day at backbase is the same, and even more so for our security engineers. We all know that security and banking need to go hand in hand and with hackers and tech evolving by the day, you’ll need to stay on your toes and ahead of the game.
Your core responsibility is to ensure the delivery of secure software. You are the go-to person for security, internally as well as for our clients. Leveraging your technical expertise and leadership, you drive the secure SDLC with its tools and processes. You ensure application security requirements are part of product development. You have expert understanding of application security and application security vulnerabilities and provide guidance to other team members. You provide architecture design reviews as well as source code reviews.You are responsible for Architectural Risk Analysis of the core products and lead the threat modeling activities. You provide training to developers and QA engineers on application security.
You research new tools and take the initiative in improving the ways of working. You play a key role in selecting candidates for the security team as well as onboarding and mentoring new hires.
How about you
Looking for a journey instead of a job? Then let’s talk! We are THE pioneers in banking tech. We see opportunities and take the leap. Having the guts to push limits and break barriers to make things happen. We learn and reinvent ourselves for maximum impact, never giving up. We are creators, with a customer-centric mindset that love what they do and bring fun to any challenge. Together we kick ass, have fun and feel proud when our vision is delivered. Next day - we wake up and raise the bar a little higher. Are you ready?
As a Principal Application Security Engineer you’ll take the lead in a team of security engineers working to ensure we build, maintain and deploy secure software that is used by millions of users around the globe. If you have a hacker mindset, are passionate about security and always looking to extend your knowledge, then this is the place for you.
In order to really own this role, we think you’ll need:
- Excellent understanding of application security and common application security vulnerabilities;
- Excellent knowledge of the frontend, backend and mobile security domains;
- Good understanding of DevOps and cloud native technologies;
- Successful track record driving security initiatives;
- A background in development and a good understanding of the SDLC;
- English language on a professional level, written and spoken.
We’ll be delighted if you bring experience in the following topics but otherwise these would be opportunities for you to grow your knowledge working in the security team:
- Implementing OWASP ASVS/M-ASVS and SKF;
- Implementing SAST/SCA/IAST/RASP tools in the SDLC;
- Assessing and implementing security maturity models;
- Facilitating threat modeling sessions with the development teams;
- Pen testing web and mobile applications;
- Training and guiding developers on application security concepts;
- Relevant regulations such as GDPR and PCI-DSS.
Tags: Application security Banking Cloud DevOps GDPR IAST Mobile security OWASP Pentesting Risk analysis SAST SDLC Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Agile-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs