Application Security Engineer
Prague, CZ
Vacasa
Vacasa professionally manages vacation rentals from coast to coast. Every home meets the highest standards of comfort & cleanliness. Book confidently. Stay comfortably.Why Vacasa
We started with just one home and an idea: to bring homeowners and renters together with smart technology and caring local teams. Today, we’re the largest full-service vacation rental company in North America thanks to the people who give us their best every day. You’ll fit right in here if you’re curious, entrepreneurial, and thrive in a rapid-growth environment.
What we’re looking for
Security is at the core of our operations, and we are seeking an Application Security Engineer to ensure our applications are secure and resilient against threats. This position will be part of a newly-formed cybersecurity team and will have the opportunity to help shape it. This Application Security Engineer will be engaged with Developer Teams to ensure Applications are secure from the ground up.
What you'll do
- Conduct security assessments and code reviews to identify and remediate vulnerabilities in applications.
- Implement security controls and best practices in the software development lifecycle (SDLC).
- Collaborate with development teams to integrate security into DevSecOps processes.
- Assist in the development and maintaining of security documentation, policies, and procedures.
- Perform threat modeling and risk assessments for new and existing applications.
- Stay informed about the latest application security threats and vulnerabilities.
- Provide training and guidance to development teams on secure coding practices.
- Conduct regular security audits and penetration tests on applications.
- Collaborate with other security team members to develop and implement comprehensive security strategies.
Skills you'll need
- Professional experience in security operations and incident response
- Professional experience in web-based software development and/or systems administration, with 3+ years in security
- Proficiency in secure coding practices and security testing methodologies.
- Experience with application security tools and frameworks (e.g., OWASP, SAST, DAST).
- Knowledge of DevSecOps practices and tools.
- Strong understanding of web application security, API security, and mobile security.
- Excellent problem-solving and analytical skills.
- Completion of at least one relevant security certification preferred (OSCP, CISSP, CISM, AWS Certified Security Specialty)
- Ability to work in office 4 days / week with the option to work from home 1 day / week.
What you’ll get
- Employee Stock Purchase Plan
- 5 weeks of vacation
- 12 sick days
- Meal allowance
- Contribution for pension insurance
- Hybrid work and flexible working hours
- Competitive salary
- Fresh fruits and snacks in the office
- Employee Assistance Program
- Career development opportunities
- Employee discounts
- All the equipment you’ll need to be successful
- Great colleagues and culture
- Modern offices in Prague - Karlín
Vacasa is an equal opportunity employer committed to fostering a diverse and inclusive workplace. We do not discriminate against applicants based upon race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), national origin, age, disability, genetic information, or other classes protected by applicable law. Veterans are encouraged.
Vacasa is committed to maintaining a safe and productive work environment. Possession, use, or being under the influence of alcohol or illegal drugs in the workplace is prohibited.
An offer of employment for this role will be contingent upon the successful completion of a background check and/or OFAC screening.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs Application security Audits AWS CISM CISSP DAST DevSecOps Incident response Mobile security OSCP OWASP Risk assessment SAST SDLC Security assessment Vulnerabilities
Perks/benefits: Career development Competitive pay Equity / stock options Flex hours Flex vacation Gear Insurance
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Cybersecurity Analyst jobs
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Engineer jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Network security-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open PowerShell-related jobs