сегодня

application security engineer

ориентир по рынку
вакансия зп не указана
в среднем 189 175 ₽
Загрузи резюме, чтобы видеть мэтчи с вакансией

генерация резюме под вакансию

Загрузи резюме в профиль, чтобы сгенерировать временное CV под эту вакансию

сопроводительное письмо

Загрузи резюме в профиль, а нейросеть определит твою категорию. Затем ты сможешь генерировать сопроводительные письма для вакансий этой категории

описание

Itransition is a global software development company that provides custom software engineering, digital transformation, and IT consulting services to clients across various industries.

задачи

  • Support Software Composition Analysis (SCA) processes and open-source license compliance activities;
  • Implement and maintain secret detection practices, including pre-commit hooks and CI/CD secret scanning;
  • Participate in vulnerability management activities: vulnerability scanning, triage and prioritization, Jira ticket tracking, remediation follow-up and SLA monitoring;
  • Collaborate with engineering teams to improve Secure SDLC and CI/CD security practices;
  • Support security tooling integrations within CI/CD pipelines;
  • Maintain security-related documentation and assist with audit and compliance activities;
  • Contribute to asset inventory and security governance processes;
  • Work with development and infrastructure teams to improve overall security posture.

требования

  • 2–5 Years of experience in Application Security, Product Security, DevSecOps, Security Operations, or related cybersecurity roles;
  • General understanding of Secure SDLC and application security principles;
  • Experience working with security tools or processes related to vulnerability management, CI/CD security, or dependency/security scanning;
  • Familiarity with Jira or similar ticketing systems;
  • Understanding of common application security risks and vulnerabilities;
  • Ability to document processes and communicate effectively with technical teams;
  • English skills sufficient for technical communication and participation in project discussions;
  • Nice to have: Hands-on experience with SCA tools (FOSSA, Snyk, Mend, Black Duck), familiarity with open-source license compliance, experience with secret detection tools, pre-commit hooks, CI/CD secret scanning, experience integrating security controls into GitHub Actions, familiarity with vulnerability remediation workflows and SLA tracking, experience with asset inventory tools like NetBox, experience supporting audits or compliance initiatives (ISO 27001, SOC 2), familiarity with SAST, DAST, container scanning, cloud security tooling, and experience working in cloud-native or Kubernetes environments.

условия

  • Competitive compensation based on qualification and skills;
  • Career development system with clear skill qualifications;
  • Flexible working hours;
  • Corporate medical insurance;
  • Online English courses;
  • Corporate parties and events;
  • Internal conferences, workshops, and meetups;
  • Gym membership compensation;
  • 5 Days of paid sick leave per year without a certificate.

Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.

прозрачные зарплаты в IT

Анонимные данные по зарплатам и грейдам

Посмотреть
График динамики зарплат
Откликнуться Добавить в трекер

Если просят войти через iCloud, отправить коды из SMS, запустить код, что-то установить, перевести деньги или сделать что угодно, связанное с деньгами, не соглашайтесь: это признаки мошенничества.