Application Security Engineer at BrainRocket

Lisbon, Ontario, Portugal -

Full Time

Start Date

Immediate

Expiry Date

26 Apr, 26

Salary

0.0

Posted On

26 Jan, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Application Security, Cloud Infrastructure, Security Architecture, CI/CD Pipelines, Python, JavaScript, Typescript, Docker, Kubernetes, Threat Modelling, Agile Methodologies, Supply Chain Security, Privacy Laws, Security Certifications, Infrastructure As Code, Microservices

Industry

Software Development

Description

BrainRocket is a global company creating end-to-end tech products for clients across Fintech, iGaming, and Marketing. ‍Young, ambitious, and unstoppable, we've already taken Cyprus, Malta, Portugal, Poland, and Serbia by storm. Our BRO team consists of 1,300 bright minds creating innovative ideas and products. We don’t follow formats. We shape them. We build what works, launch it fast, and make sure it hits. We invite a Senior Application Security Engineer to join our team. ✅ Responsibilities: ✔️ Demonstrated ability to collaborate with other teams to achieve complex objectives. ✔️ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles. ✔️ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products. ✔️ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines. ✔️ Define required policies, controls, and capabilities for the protection of products and environments. ✔️ Build and validate declarative threat models automation. ✔️ Participate in engineering teams’ product planning cycles and committees. ✔️ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS. ✔️ Serve as a trusted cyber security advisor to product and application teams. ✅ Minimum Requirements: ✔️ Experience integrating security scanning/tooling into the development pipeline. ✔️ Experience in analysing and securing microservices and applications developed using JavaScript and Typescript. ✔️ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation). ✔️ Hands-on development experience in Python/shell scripting. ✔️ Strong understanding of supply chain security, software integrity, and secure software delivery. ✔️ Experience with Docker and mesh technologies (such as ISTIO). ✔️ Experience with architecture and security reviews, threat modelling, and application risk is highly desired. ✔️ Experience working with Agile methodologies. ✔️ Knowledge of privacy laws and regulations, such as GDPR desired. ✔️ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc. ✅ PREFERRED QUALIFICATIONS: ✔️ In-depth experience with architecting secure services on Kubernetes. ✔️ Extensive experience with architecting secure services on AWS or on-prem data centers. ✔️ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH, are highly desirable. ✅ We offer excellent benefits, including but not limited to: 🧑🏻‍💻 Learning and development opportunities and interesting, challenging tasks. 📚 Opportunity to develop language skills, with partial compensation for the cost of Spanish classes (for localisation purposes). ✈️ Relocation package (tickets, staying in a hotel for up to 2 weeks, and visa relocation support for our employees and their family members). 🏥 Global coverage health insurance. 🏝 Time for proper rest, with 23 working days of annual vacation and additional paid sick days. 📈 Competitive remuneration level with annual review. 🤝 Teambuilding activities. Bold moves start here. Make yours. Apply today! By submitting your application, you agree to our Privacy Policy.

Responsibilities

The Senior Application Security Engineer will be responsible for security architecture design and collaborating with various teams to implement security controls. They will also oversee product security aspects during migration to public cloud environments.