Remote, Estonia
Mid Level / Senior
H1B Sponsor
Responsibilities
- Own recurring Application Security activities for multiple product teams.
- Conduct secure design reviews, threat modeling, and code reviews.
- Assess vulnerabilities and help teams focus on significant issues.
- Validate security fixes and recommend practical alternatives.
- Improve AppSec workflows and integrate security into CI/CD pipelines.
- Provide clear prioritization and actionable remediation guidance.
- Contribute to secure-by-default development practices.
Requirements
- Strong knowledge of web and API security issues and secure coding fundamentals.
- Experience conducting secure code reviews in Java, TypeScript, and PHP.
- Ability to lead threat modeling sessions and translate outcomes into security requirements.
- Experience managing Application Security tools and bug bounty platforms.
- Working knowledge of OAuth/OIDC and cloud security concepts.
- Strong communication skills to collaborate with engineers and stakeholders.
- Sound judgment in using AI-assisted workflows.
Benefits
- 28 calendar days of paid vacation.
- 5 paid uncertified sick days.
- 18 weeks maternity and 4 weeks paternity leave.
- 2 volunteer days.
- Health insurance for employees and dependents.
- Life insurance plan.
- Utility allowance of 30 EUR/month.
- Fitness plan of 800 EUR/year.
- Full-remote work with on-demand access to co-working space.