Please mention DailyRemote when applying
AI Summary
Sofia Stars is an operational services company based in Sofia. We offer a range of solutions for online businesses, including R&D, Marketing, Customer Support, KYC, Risk, and Anti-Fraud services. With 300+ bright stars on our team, we deliver secure, reliable solutions with a touch of quality that shines. When you join us, youβll be part of a place where ideas light up, and growth isnβt just a promiseβitβs a journey.
We invite a Senior Application Security Engineer to join our team.
π Global Remote Mobility: Available for Senior roles in selected jurisdictions.
β
Responsibilities:
βοΈ Demonstrated ability to collaborate with other teams to achieve complex objectives.
βοΈ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.
βοΈ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
βοΈ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
βοΈ Define required policies, controls, and capabilities for the protection of products and environments.
βοΈ Build and validate declarative threat models automation.
βοΈ Participate in engineering teamsβ product planning cycles and committees.
βοΈ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.
βοΈ Serve as a trusted cyber security advisor to product and application teams.
β
Minimum Requirements:
βοΈ Experience integrating security scanning/tooling into the development pipeline.
βοΈ Experience in analysing and securing microservices and applications developed using JavaScript and Typescript.
βοΈ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
βοΈ Hands-on development experience in Python/shell scripting.
βοΈ Strong understanding of supply chain security, software integrity, and secure software delivery.
βοΈ Experience with Docker and mesh technologies (such as ISTIO).
βοΈ Experience with architecture and security reviews, threat modelling, and application risk is highly desired.
βοΈ Experience working with Agile methodologies.
βοΈ Knowledge of privacy laws and regulations, such as GDPR desired.
βοΈ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.
β
PREFERRED QUALIFICATIONS:
βοΈ In-depth experience with architecting secure services on Kubernetes.
βοΈ Extensive experience with architecting secure services on AWS or on-prem data centers.
βοΈ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH, are highly desirable.
β
We offer excellent benefits, including but not limited to:
ποΈ Up to 25 vacation days;
π€ 6 Undocumented Sick Leave Days;
π· Monthly food vouchers (102 EUR);
π₯ Private Medical Insurance;
ππΌ Multisport Card;
π Birthday, Wedding and Newborn gifts;
π Breakfast, Friday lunches, fruits, and snacks in the office;
π Monthly company activities and team-building events;
π Career growth opportunities.
Ready to shine? Letβs make it real.
By submitting your application, you agree to our Privacy Policy.
Automatically Apply to the Best Remote Jobs
Stop the endless job search. Our AI finds and applies to the best jobs for you.
