Application Security Engineer

📍 Warsaw, Poland
PLN 202,800-395,600 per year
MIDDLE SENIOR
✅ Hybrid

Used Tools & Technologies

Not specified

Required Skills & Competences

Security @ 3, Go @ 5, Manual Testing @ 3, Networking @ 3, Rust @ 5, HTTP @ 3, JWT @ 2, OAuth @ 2, Reporting @ 3

Details

An opportunity for a Mid-Senior Application Security Engineer in our Cybersecurity team at NordVPN. You will play a crucial role in securing our applications through various assessments and collaboration with development teams.

Responsibilities

  • Conduct security reviews of application designs, source code, and third-party libraries.
  • Perform regular application vulnerability assessments using both automated tools and manual testing techniques (e.g., SAST, DAST, SCA, penetration testing).
  • Collaborate with development teams to design secure architectures and implement security controls.
  • Help maintain security tools, scripts, and processes to support secure development.
  • Stay current with industry trends, zero-day vulnerabilities, and best practices in application security.
  • Develop scripts and security automation tools to enhance application security testing processes.
  • Design and deliver training for security engineering awareness & adoption.
  • Actively look for internal security gaps within the product or organization overall.
  • Ensure mobile/desktop applications are sufficiently tested and support internal and external audits.

Requirements

  • Proven experience in mobile/desktop application security assessment planning, testing, methodologies, and vulnerability reporting.
  • Strong understanding of secure coding practices.
  • Ability to perform manual security code audits.
  • Proficiency in at least one low-level programming language (e.g., C, C++, Rust, Go).
  • Solid understanding of networking protocols such as TCP, UDP, and the HTTP protocol.
  • Familiarity with debuggers (e.g., GDB, LLDB, WinDbg).
  • Familiarity with reverse engineering tools (e.g., Ghidra, IDA).
  • Solid understanding of memory corruption issues, buffer overflows, and related vulnerability classes.
  • Familiarity with common authentication and authorization protocols (OAuth, SAML, JWT, etc.).
  • Ability to work with networking tools such as Wireshark, tcpdump.
  • Ability to quickly assimilate new technologies and tools.
  • Sense of ownership with strong problem-solving and investigation skills.
  • Ability to build and maintain relationships, influencing key stakeholders across the business.
  • Bonus points for community contributions like public CVEs, bug bounty recognition, open-source tools, blogs, etc.

Benefits

  • Competitive salary range of 16,900 - 32,900 PLN per month, gross.