Application Cyber Security Engineer

Application Security Expert

We are currently looking for an experienced Application Security Expert to join our team in the journey of practical cyber security and to ensure the security and resilience of our web and desktop applications. You will be involved in all stages of the software development lifecycle, focusing on identifying vulnerabilities, mitigating risks, and implementing secure coding practices across multiple platforms. You will collaborate closely with development teams to integrate security by design and respond to evolving cyber threats.

Responsibilities:

• Perform security assessments of web and desktop applications, identifying vulnerabilities in design, code, and architecture.
• Work with development teams to implement secure coding practices, provide code reviews, and improve application security posture.
• Conduct security audits, penetration testing, red teaming and threat modeling.
• Stay up-to-date with the latest security trends, exploits, and vulnerabilities, translating this knowledge into actionable improvements.
• Development of detailed documentation, detailed security assessment reports and remediation recommendations.

Requirements:

• 3+ years of experience in application security
• MS (preferred) or BS degree in Computer Science or equivalent work experience
• Strong understanding of OWASP Top 10 and CWE Top 25.
• Hands-on experience with penetration testing and vulnerability assessment tools (e.g., Burp Suite, OWASP ZAP, Metasploit, Nmap, Snyk).
• Strong understanding of secure software development principles (secure coding, authentication, encryption).
• Experience with common web technologies (HTML, CSS, JavaScript, PHP ).
• Hands-on experience in scripting/coding, preferably in Python, JavaScript or Golang.
• An ability to read obfuscated, minificated code
• Familiarity with SAST, DAST tools.
• Strong problem-solving skills.
• Technical leadership experience
• Experience working in distributed team
• Fluent English

Skill Keywords:

• OWASP
• CWE
• Secure Coding
• Penetration Testing
• Vulnerability Assessment
• Web Application Security
• Desktop Application Security
• API Security
• Cryptography
• Burp Suite
• OWASP ZAP
• Metasploit
• Snyk
• Threat Modeling
• Security Automation
• JavaScript
• Node.js
• HTML
• CSS
• PHP
• SSL/TLS
• Nmap
• Wireshark
• Linux
• Windows
• Code Review
• Risk Assessment
• CORS

What we offer:

• Competitive salary and great benefits.
• Accelerated career growth.
• Flexible schedule and remote-friendly policy.
• Office in the center of Porto.
• Employer-sponsored health insurance.
• Strong work-life balance emphasis.
• Extra holidays.