2,575 Open roles
94 Companies
160 Posted today
Jobs / SoftSwiss / Application Security Engineer
Posted 2026-06-29

Application Security Engineer

Description

SOFTSWISS is growing, and we are seeking a skilled Application Security Engineer to join our team. If you are driven by excellence and share our values, we would love to hear from you. Our goal is to make sure that we deploy secure software to production without unnecessary bottlenecks, that applications are properly hardened, and security vulnerabilities, once discovered, are fixed by the developers. As an Application Security Engineer, you will play a crucial role in ensuring the security of our applications throughout the entire software development lifecycle (SDLC). You will partner closely with the product teams to identify, analyze, and mitigate security vulnerabilities, contributing to the creation of trustworthy and robust products.

Responsibilities
  • Partner with product teams during the design phase to facilitate threat modeling and risk assessment sessions.
  • Perform in-depth manual code reviews on critical applications to identify logical vulnerabilities as part of white-box security assessments.
  • Tune and adjust rulesets for automated security scanning tools to reduce false positives and improve detection rates.
  • Develop scripts and automation tools to streamline workflows and free up time for more complex analysis.
  • Assist developers in understanding security risks and threats discovered during risk assessments, threat modeling, and dynamic testing.
  • Triage vulnerabilities from the bug bounty program, collaborating with external researchers and internal engineering teams to resolve discovered flaws.
  • Collaborate with Dev/QA teams throughout the development lifecycle to enhance the application’s security posture by providing dedicated security consulting, continuous knowledge sharing, and actionable guidance.
  • Develop and maintain the internal security knowledge base, including comprehensive secure coding guidelines and technical manuals for standard security features.
Requirements
  • 1.5+ years of experience in application security, software development, or related technical roles. (required)
  • Solid understanding of web fundamentals (e.g., HTTP/HTTPS protocols, cookie storage mechanisms, and session management). (required)
  • Knowledge of web application security mechanisms and controls (e.g., SOP, CORS, CSP). (required)
  • Comprehensive understanding of common web vulnerabilities (e.g., OWASP Top 10) and their practical mitigation strategies. (required)
  • Knowledge of secure system and application architecture alongside secure-by-design principles. (required)
  • Practical, hands-on expertise in identifying vulnerabilities through manual security assessments and secure code reviews. (required)
  • Ability to clearly articulate and explain the business impact of identified threats and vulnerabilities to developers and product teams. (required)
  • A strong security-first mindset with a continuous drive to learn and achieve excellence in the cybersecurity field. (required)
  • University degree in Computer Science, Information Security, or a related field (or an equivalent combination of education and practical experience). (required)
  • English and Russian proficiency at an upper-intermediate level (B2+). (required)
  • Passion about programming. (nice-to-have)
  • Technical knowledge of network and operating systems security. (nice-to-have)
  • Hands-on DevSecOps experience. (nice-to-have)
  • Practice of participation in bug bounty programs and/or CTFs. (nice-to-have)
  • Knowledge of SAST/DAST tools, including customization. (nice-to-have)
  • Relevant certifications (i.e., BSCP, eWPT, etc.). (nice-to-have)
Benefits
  • Private health insurance
  • Sports benefits
  • Comprehensive Mental Health Program
  • Free English lessons (online)
  • Local language courses
  • Paid time off
  • Maternity leave support
  • Referral program rewards
  • Upskilling, internal workshops, and participation in professional conferences and corporate events
About SoftSwiss

SOFTSWISS is a global tech expert with over 15 years of experience in providing innovative iGaming solutions. The company offers comprehensive software for online casinos, sports betting, and affiliate management. To expand its global presence, in 2024, SOFTSWISS acquired Turfsport, a leading South African betting software provider, and a significant stake in Ously Games GmbH, the company behind the fastest-growing European social casino, SpinArena.net. Additionally, the company appointed Formula 1 legend Rubens Barrichello as Non-Executive Director in Latin America, focusing on Brazil's growing market. SOFTSWISS is committed to transforming the iGaming and entertainment industry for the better through tech innovations. The Team helps operators and providers establish enduring partnerships by building profitable and scalable businesses.

Read more about SoftSwiss →

Apply on SoftSwiss →