Remote Application Security Engineer - Cybersecurity Focus

About the Role

Are you an experienced Application Security Engineer with a hacker’s mindset and a developer’s heart? We’re hiring a fully remote Application Security Engineer at Evolveum to secure the world's leading open-source Identity Governance and Administration (IGA) platform! This role offers you the opportunity to work in a dynamic environment where your skills will directly contribute to enhancing the security posture of our applications.

What You'll Do

• Integrate and maintain security testing tools (SAST/DAST, SCA, IaC) directly into our CI/CD pipelines.
• Conduct vulnerability scanning, perform internal penetration tests on applications/APIs, and prioritize risks.
• Analyze incoming security reports and vulnerability disclosures from our customers and the open-source community.
• Perform security-focused code reviews and collaborate with our Java/Python developers to implement secure fixes.
• Partner with our Security Architect and CPO on threat modeling and risk assessments.
• Elevate our team's security posture by delivering developer training based on bug bounty findings, red team exercises, and real-world exploits.
• Support incident response by analyzing threats, proposing solutions, and preparing public vulnerability disclosures.

Requirements

• Proven experience in application security, penetration testing, or red teaming.
• Strong understanding of OWASP Top 10, common vulnerabilities (SQLi, XSS, CSRF, RCE), and relevant NIST frameworks.
• Solid software development background, especially in Java.
• Good communication skills – ability to explain security issues to both technical and non-technical colleagues.

Nice to Have

• Experience managing Bug Bounty programs (e.g., HackerOne) or vulnerability disclosures.
• A background in product development or the Identity/Access Management (IAM/IGA) space.

What We Offer

• Competitive salary starting from €3,000/month, with potential for growth based on experience.
• Fully remote work environment, allowing for flexibility and work-life balance.
• Opportunity to work with a globally recognized, EU-based organization.
• Engagement in open-source projects with a financially stable company.
• Access to a dedicated and passionate team committed to innovation and security.

Ready to secure the future of open-source identity? Click the Easy Apply button!