Application Security Engineer | Senior | Low-Level

at Nord Security
📍 Warsaw, Poland
PLN 274,800-394,800 per year
SENIOR
✅ Remote

SCRAPED

Used Tools & Technologies

Not specified

Required Skills & Competences ?

Security @ 4 Go @ 6 Manual Testing @ 4 Networking @ 4 Rust @ 6 HTTP @ 4 JWT @ 3 OAuth @ 3 Reporting @ 4 Compliance @ 7

Details

The world’s most advanced VPN, and a whole lot more.

If you’re a curious problem-solver who carves their own path, join the team behind Threat Protection Pro, the NordLynx protocol, and the fastest VPN on the planet — tools that put privacy, security, and control back in people’s hands.

Your impact: helping millions take back control of their online security, privacy, and data.

Risk Department plays a vital role in protecting the organization, ensuring resilience and security across all operations. By assessing risks, ensuring compliance, and managing security audits, this team helps build a strong and trustworthy foundation.

Responsibilities

  • Conduct security reviews of application designs, source code, and third-party libraries
  • Perform regular application vulnerability assessments using both automated tools and manual testing techniques (e.g., SAST, DAST, SCA, penetration testing)
  • Collaborate with development teams to design secure architectures and implement security controls
  • Help maintain security tools, scripts, and processes to support secure development
  • Stay current with industry trends, zero-day vulnerabilities, and best practices in application security
  • Develop scripts and security automation tools to enhance application security testing processes
  • Design and deliver training for security engineering awareness & adoption
  • Actively look for internal security gaps within the product or organization overall
  • Ensure mobile and desktop applications are sufficiently tested and support internal and external audits

Requirements

  • Proven experience in mobile/desktop application security assessment planning, testing, methodologies, and vulnerability reporting
  • Strong understanding of secure coding practices
  • Ability to perform manual security code audits
  • Proficiency in at least one low-level programming language (e.g., C, C++, Rust, Go)
  • Solid understanding of networking protocols such as TCP, UDP and the HTTP protocol
  • Familiarity with debuggers (e.g., GDB, LLDB, WinDbg)
  • Familiarity with reverse engineering tools (e.g., Ghidra, IDA)
  • Solid understanding of memory corruption issues, buffer overflows and related vulnerability classes
  • Familiarity with common authentication and authorization protocols (OAuth, SAML, JWT, etc.)
  • Ability to work with networking tools such as Wireshark and tcpdump
  • Ability to quickly assimilate new technologies and tools
  • Sense of ownership with strong problem-solving and investigation skills
  • Ability to build and maintain relationships and influence key stakeholders across the business
  • Bonus: community contributions like public CVEs, bug bounty recognition, open-source tools, blogs, etc.

Salary

  • Gross Salary: 22,900 - 32,900 PLN / Month (approx. 274,800 - 394,800 PLN / Year)

Additional details

  • Department / Team: NordVPN — Cybersecurity
  • Workplace: Remote (role lists Warsaw as location)
  • Commitment: Full Time