Join to apply for the Senior Application Security Engineer role at Aize
What You Tell Your Friends You Do
"I help developers build cool stuff - safely."
What You Really Will Be Doing
1. Own Aize’s Application Security strategy, driving a security-first culture across our engineering teams
2. Train developers on secure coding practices and follow up on issues flagged by our security tooling (like Snyk and Microsoft Defender)
3. Design, implement, and operate security tools and improve our secure SDLC processes
4. Contribute to ISO 27001 compliance through threat modeling exercises, security architecture reviews, and architectural discussions
5. Prioritize security initiatives based on risk assessment, threat landscape, business impact, and technical feasibility
How You Will Be Doing This
* Establish and improve secure development processes
* Work closely with developers and coach them on secure coding practices
* React to threats and proactively address potential issues
* Collaborate with devs, platform teams, and product managers to embed security at every stage
* Balance addressing security debt in existing products with shaping secure design and integrating security tooling for new projects
* Collaborate across disciplines to bring a strong security voice into daily operations
Team
You’ll join a small but impactful security team, working closely with other teams to develop and enhance security, shaping the application security function and influencing security culture.
Who We Think You Are
* A proactive individual owning security improvements and adapting quickly
* Experienced with SaaS cloud solutions (preferably Azure) and familiar with DevSecOps practices; familiarity with Microsoft E5 security suite is a plus
* Capable of handling security in both legacy systems and greenfield projects
* Knowledgeable about OWASP Top 10, ASVS, secure coding, threat modeling (STRIDE), and security architecture review across languages like C#, React, Java, Python, Go, TypeScript/Angular
* Strong understanding of web app and API security and mitigation strategies
* A good collaborator with relationship-building and influencing skills
* Comfortable with pentesting tools and experienced in security reviews or vulnerability assessments
We offer
* Competitive salary
* Hybrid work and flexible hours
* A MacBook or Windows laptop
* Pension contributions, travel expenses, insurance
* On-site private health clinic and check-ups
* Work environment that respects diversity and individuality
* Opportunities for professional development through Guilds, training, and courses
* Vacation options including stays at various cabins and travel destinations
* Support for attending events and expanding knowledge
* Standard perks: phone plan, broadband, hardware, gym, team activities, parties
Additional Information
We aim to connect experts across disciplines and industries, fostering collaboration and innovation. We’re committed to delivering better solutions for our clients by building a diverse and talented team from around the world.
Job Details
* Seniority level: Mid-Senior level
* Employment type: Full-time
* Job function: Information Technology
* Industry: Software Development
#J-18808-Ljbffr