Application Security Engineer
NIX Tech, a global supplier of software engineering and IT outsourcing services, is looking for an Application Security Engineer in its office in Budapest (Agora, 13th district). You’ll be part of a team of professionals who are ready to find the best tailor-made IT solutions for their multinational clients in various industries and solve complex problems.
Role and Responsibilities:
- Perform vulnerability assessments and penetration testing of web and mobile applications
- Effectively communicate and coordinate with engineers, leads, and stakeholders to deliver quality and security to the product
- Write client reports with your findings and recommendations using your top-notch English writing skills and exceptional attention to detail
- Provide support to product owners in fixing vulnerabilities
- Triage SAST and DAST scan findings
- Participate in the development of team processes
- Train and educate developers and teams in secure coding techniques, including using supporting toolsets and enabling them to self-service
- Continuously develop professional knowledge and skills
Required Technical and Professional Expertise:
- 3+ years of professional experience with web and mobile application security and at least 1 year of ethical hacker/pentester experience
- Strong knowledge of web and mobile security fundamentals
- Solid understanding of testing methodologies (OWASP WSTG/MSTG or similar application security methodologies)
- Strong understanding of web applications’ most critical security risks (OWASP Top 10)
- Solid knowledge of the various vulnerability types, their root causes, exploitation techniques, and mitigation patterns
- Hands-on experience in web vulnerability finding and exploitation
- Hands-on experience in software application security and standard penetration testing tools: Kali Linux, Burp Suite, Metasploit, Nmap (NSE), Acunetix, etc.
- Knowledge of IT technologies: network protocols, web, cloud, operating systems, database systems, etc.
- Basic knowledge of one or more multi-platform scripting languages (e.g., Python)
- Experience in software development practices and methodologies (SDLC)
Nice to Have:
- Programming/development experience
- Knowledge of pipeline and CI/CD principles and embedding security across the CI/CD roadmap (SSDLC)
- Understanding and hands-on experience in cloud security (AWS/Azure)
- Experience in threat modeling activities
- Bug bounty experience
- Awareness of privacy and security regulations and compliance frameworks
- Relevant certifications such as OSCP, CEH, CompTIA PenTest+, etc.
What we offer:
- Stable long-term work environment
- Competitive salary with a flexible system of revisions
- Benefits and social packages
- Comfortable A+ office in the 13th district of Budapest (Agora)
- Every necessary tool and device in the office will be provided to comfortably perform all project tasks: computers, meeting rooms, spacious modern kitchens with professional coffee machines, comfortable recreation areas with game consoles, board games, and a selection of literature for every taste
- Paid English courses and conversation clubs
- Opportunities for professional and personal growth
- Mentoring program, internal and external professional training programs
- Support and care from our friendly team
If you feel you’re ready to join this team, email your resume to [email protected] or fill out a resume form now, and put an online interview on your schedule at your convenience. We’re already looking forward to meeting you!