B

Senior Application Security Engineer

big stars Serbia
Visa Sponsorship Relocation
Apply
AI Summary

Big Stars seeks a Senior Application Security Engineer to design and implement secure-by-design solutions across cloud infrastructure and applications. The role involves collaborating with product teams, defining security policies, and overseeing migration to AWS while ensuring threat modeling and supply chain security. Candidates must have 3+ years of experience with CI/CD pipelines, IaC, and security tooling for JavaScript/TypeScript applications.

Key Highlights
Secure-by-design security architecture from cloud to application
CI/CD pipeline security implementation and IaC expertise
Threat modeling automation and supply chain security
AWS migration security oversight and Kubernetes security
Key Responsibilities
Collaborate with product managers, architects, and developers on security controls platform ecosystem and products
Proof security implementations within infrastructure and application deployment manifests and CI/CD pipelines
Define required policies, controls, and capabilities for protection of products and environments
Build and validate declarative threat models automation
Oversee product security aspects for migration of products and services from Data Center to public cloud (e.g., AWS)
Serve as trusted cyber security advisor to product and application teams
Technical Skills Required
Application Security CI/CD Pipelines Infrastructure-as-Code Threat Modeling
Benefits & Perks
24 vacation days annually
6 sick days without medical certificate
Premium Health Insurance (up to 5,000 EUR annually)
Learning & Development budget
Relocation package for international candidates
Nice to Have
In-depth experience with architecting secure services on Kubernetes
Extensive experience with architecting secure services on AWS or on-prem data centers
Security-related professional certifications (CISSP, CISM, CCSK, CCSP, CEH)

Job Description


Big Stars is an end-to-end product engineering company based in Belgrade, Serbia. We create a space where people take initiative and go big.

We focus on:

- turning outdated systems into high-performing engines

- creating clean products that users actually love

- designing stable and secure environments

- building complex tech products


We invite a Senior Application Security Engineer to join our team in Belgrade, Serbia.


Responsibilities:

✔️ Demonstrated ability to collaborate with other teams to achieve complex objectives.

✔️ Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.

✔️ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.

✔️ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.

✔️ Define required policies, controls, and capabilities for the protection of products and environments.

✔️ Build and validate declarative threat models automation.

✔️ Participate in engineering teams’ product planning cycles and committees.

✔️ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.

✔️ Serve as a trusted cyber security advisor to product and application teams.


Requirements:

✔️ Minimum of 3 years experience as an Application Security Engineer.

✔️ Experience integrating security scanning/tooling into development pipeline.

✔️ Experience in analyzing and securing microservices and applications developed using Javascript and Typescript.

✔️ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).

✔️ Hands-on development experience in Python/shell scripting.

✔️ Strong understanding of supply chain security, software integrity, and secure software delivery.

✔️ Experience with docker and mesh technologies (such as ISTIO).

✔️ Experience with architecture and security reviews, threat modeling and applications risk highly desired.

✔️ Experience working with Agile methodologies.

✔️ Knowledge of privacy laws and regulations, such as GDPR desired.

✔️ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.


PREFERRED QUALIFICATIONS:

✔️ In-depth experience with architecting secure services on Kubernetes.

✔️ Extensive experience with architecting secure services on AWS or on-prem data centers.

✔️ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH is highly desirable.


We offer excellent benefits, including but not limited to:

🏝 24 vacation days annually

🤒 6 sick days without a medical certificate

🏥 Premium Health Insurance (coverage up to 5,000 EUR annually)

🎉 Special occasion gifts: birthday, wedding, newborn

📚 Learning & Development budget (for conferences, courses and certifications)

🌍 Corporate events: international parties, team buildings, activities

📈 Career growth opportunities in a fast-growing company

✈️ Relocation package for international candidates

🏋️ Sports package (FitPass membership)

🗣️ Language classes: Serbian & English (company-covered)


Similar Jobs

Explore other opportunities that match your interests

Security Automation Engineer

Cyber Security
2h ago
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Mid-Senior level

big stars

Serbia

Senior Application Security Engineer

Cyber Security
1w ago
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Mid-Senior level

big stars

Serbia

Security Access Management Team Lead

Cyber Security
4w ago
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Mid-Senior level

big stars

Serbia

Subscribe our newsletter

New Things Will Always Update Regularly