Application Security Engineer at Sofia Stars

Sofia, Sofiya, Bulgaria -

Full Time

Start Date

Immediate

Expiry Date

08 May, 26

Salary

0.0

Posted On

07 Feb, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Application Security, Cloud Infrastructure, Security Architecture, CI/CD Pipelines, Python, JavaScript, Typescript, Docker, Kubernetes, Threat Modelling, Agile, Supply Chain Security, Privacy Laws, Security Certifications, Infrastructure as Code, Microservices

Industry

Business Consulting and Services

Description

Sofia Stars is an operational services company based in Sofia. We offer a range of solutions for online businesses, including R&D, Marketing, Customer Support, KYC, Risk, and Anti-Fraud services. With 300+ bright stars on our team, we deliver secure, reliable solutions with a touch of quality that shines. When you join us, you’ll be part of a place where ideas light up, and growth isn’t just a promise—it’s a journey. We invite a Senior Application Security Engineer to join our team. 🌎 Global Remote Mobility: Available for Senior roles in selected jurisdictions. ✅ Responsibilities: ✔️ Demonstrated ability to collaborate with other teams to achieve complex objectives. ✔️ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles. ✔️ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products. ✔️ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines. ✔️ Define required policies, controls, and capabilities for the protection of products and environments. ✔️ Build and validate declarative threat models automation. ✔️ Participate in engineering teams’ product planning cycles and committees. ✔️ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS. ✔️ Serve as a trusted cyber security advisor to product and application teams. ✅ Minimum Requirements: ✔️ Experience integrating security scanning/tooling into the development pipeline. ✔️ Experience in analysing and securing microservices and applications developed using JavaScript and Typescript. ✔️ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation). ✔️ Hands-on development experience in Python/shell scripting. ✔️ Strong understanding of supply chain security, software integrity, and secure software delivery. ✔️ Experience with Docker and mesh technologies (such as ISTIO). ✔️ Experience with architecture and security reviews, threat modelling, and application risk is highly desired. ✔️ Experience working with Agile methodologies. ✔️ Knowledge of privacy laws and regulations, such as GDPR desired. ✔️ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc. ✅ PREFERRED QUALIFICATIONS: ✔️ In-depth experience with architecting secure services on Kubernetes. ✔️ Extensive experience with architecting secure services on AWS or on-prem data centers. ✔️ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH, are highly desirable. ✅ We offer excellent benefits, including but not limited to: 🏖️ Up to 25 vacation days; 🤒 6 Undocumented Sick Leave Days; 💷 Monthly food vouchers (102 EUR); 🏥 Private Medical Insurance; 🏋🏼 Multisport Card; 🎁 Birthday, Wedding and Newborn gifts; 🍔 Breakfast, Friday lunches, fruits, and snacks in the office; 🎭 Monthly company activities and team-building events; 🚀 Career growth opportunities. Ready to shine? Let’s make it real. By submitting your application, you agree to our Privacy Policy.

Responsibilities

The Senior Application Security Engineer will be responsible for security architecture design and collaborating with various teams to implement security controls. They will also oversee product security aspects during migration to public cloud environments.