Application Security Engineer

We are looking for a strong Application Security Engineer ready to lead and build the AppSec function. Who will drive secure engineering practices across product teams, implement SAST/DAST/SCA in CI/CD, lead threat modeling, introduce OWASP ASVS and AppSec maturity frameworks (BSIMM / SAMM / SDL), and shape our secure SDLC.

Responsibilities:

• Develop and promote secure coding culture across developer teams.
• Lead adoption of OWASP ASVS, define internal security standards and secure SDLC baselines.
• Implement threat modeling and integrate it into design and development processes.
• Lead implementation and continuous improvement of SAST, DAST, SCA in CI/CD.
• Conduct developer training, workshops, and knowledge-sharing sessions.
• Participate in architectural design, build security review processes for features and services.
• Lead adoption of recognized AppSec maturity frameworks, such as BSIMM, OWASP SAMM, and Microsoft SDL, to guide the development, measurement, and continuous improvement of the organization’s application security program.
• Collaborate with developer leads to embed security into planning and delivery.

• 5+ years of experience in Application Security/Product Security.
• Strong knowledge of OWASP Top 10 and API Security Top 10.
• Hands-on experience with Burp Suite, OWASP ZAP, Acunetix.
• Hands experience of implementing the Vulnerability Management process.
• Experience with SAST, SCA, and CI/CD security integration.
• Programming skills in two or more of the following: PHP, JavaScript/TypeScript, Java, Python, Go, Node.js.
• Understanding of REST, OAuth2, JWT.
• Ability to influence developers and drive secure engineering practices.

• Mobile application security testing.
• Bug bounty reports / CTF participation.
• Exploit development.
• Experience building or leading AppSec programs.
• Experience with AppSec maturity models and frameworks (e.g., BSIMM, OWASP SAMM, Microsoft SDL) and applying them to define, implement, and improve secure software development practices.

Working conditions:

• Competitive remuneration
• Support in relocation to Cyprus
• Convinient location in Limassol
• Flexible start of the day
• Paid leave of 21 days