Application Security Engineer

NIX Tech, a global supplier of software engineering and IT outsourcing services, is looking for a Application Security Engineer in its office in Budapest (Vaci Green, 13th district). You’ll be part of a team of professionals who are ready to find the best tailor-made IT solutions for their multinational clients in various industries and solve complex problems.

Role and Responsibilities:

• Perform web and mobile applications vulnerability assessments and penetration testing activities
• Effectively communicate and coordinate with engineers, leads, and stakeholders to deliver quality and security to the product
• Write client reports with your findings and recommendations using your top-notch English writing skills and exceptional attention to detail
• Provide support to product owners in fixing vulnerabilities
• Triage SAST and DAST scan findings
• Participate in the development of team processes
• Train and educate developers and teams in secure coding techniques, including using supporting toolsets and enabling them to self-service
• Continuously develop professional knowledge and skills

Required Technical and Professional Expertise:

• 3+ years of professional experience with web and mobile application security and at least 1 year of ethical hacker/pentester experience
• Strong knowledge of web and mobile security fundamentals
• Solid understanding of testing methodologies (OWASP WSTG/MSTG or similar application security methodologies)
• Strong understanding of web applications’ most critical security risks (OWASP Top 10)
• Solid knowledge of the various vulnerability types, their root causes, exploitation techniques, and mitigation patterns
• Hands-on experience in web vulnerability finding and exploitation
• Hands-on experience in software application security and standard penetration testing tools: Kali Linux, Burp Suite, Metasploit, Nmap (NSE), Acunetix, etc.
• Knowledge of IT technologies: network protocols, web, cloud,  operating systems, database systems, etc.
• Basic knowledge of one or more multi platform scripting languages (e.g., Python)
• Experience in software development practices and methodologies (SDLC)

Nice to Have:

• Programming/development experience
• Knowledge of pipeline and CI/CD principles and embedding security across the CI/CD roadmap (SSDLC)
• Understanding and hands-on experience in cloud security (AWS/Azure)
• Experience in threat modeling activities
• Bug bounty experience
• Awareness of privacy and security regulations and compliance frameworks
• Relevant certifications such as OSCP, CEH, CompTIA PenTest+, etc.

What we offer:

• Stable long-term work environment
• Competitive salary with a flexible system of revisions
• Benefits and social packages
• Comfortable A+ office in the 13th district of Budapest (Vaci Green)
• Every necessary tool and device in the office will be provided to comfortably perform all project tasks: computers, meeting rooms, spacious modern kitchens with professional coffee machines, comfortable recreation areas with game consoles, board games, and a selection of literature for every taste
• Paid English courses and conversation clubs
• Opportunities for professional and personal growth
• Mentoring program, internal and external professional training programs
• Support and care from our friendly team

If you feel you’re ready to join this team, email your resume to [email protected] or fill out a resume form now, and put an online interview on your schedule at your convenience. We’re already looking forward to meeting you!