
Application Security Engineer

This position is focused on safeguarding an identity management platform, guiding teams to build secure software, leading vulnerability discovery and response, and fostering a security-first culture.

Permanent, Freelance

Remote

From 3000 EUR/m

Michal Šoltýs

Senior IT Recruiting Consultant

+421 902 050 368

michal.soltys@successfirst.eu

About the company

Our client is an established EU-based organization founded in 2011, developing and supporting a leading open-source identity governance and administration (IGA) solution. Our platform helps organizations manage user accounts and access across the full lifecycle, improving security and operational efficiency. We foster an active global community and offer paid services through partners in 45+ countries.

JOB DESCRIPTION

  • Perform and support security-focused code reviews and collaborate with developers on secure fixes
  • Simulate real-world attacker techniques against our applications, APIs, and cloud environments
  • Perform penetration tests of applications and APIs with default product configurations
  • Act as the first line of defense for bug bounty submissions: triage reports, assess exploitability, and validate findings
  • Conduct vulnerability scanning, analysis and risk prioritization of findings
  • Support incident response by analysing reported security threats and proposing/implementing fixes
  • Prepare security advisories and vulnerability disclosures
  • Assist with threat modeling and risk assessment alongside the security architect and CPO
  • Stay updated with OWASP Top 10, NIST, secure coding, secure design practices and emerging threats, advising product development teams
  • Integrate and maintain security testing tools into CI/CD pipelines (SAST/DAST, SCA, IaC scanning)
  • Deliver developer training using insights from red team exercises, bug bounty findings, and real-world exploits

Requirements

  • Proven experience in application security, penetration testing, or red teaming
  • Strong knowledge of OWASP Top 10, common vulnerabilities (SQLi, XSS, CSRF, RCE) and NIST frameworks
  • Solid software development background (Java, Python)
  • Familiarity with cloud security testing and common misconfigurations
  • Experience with bug bounty platforms or vulnerability disclosure programs
  • Excellent communication skills for technical and non-technical audiences
  • Experience with product development is an advantage
  • Familiarity with identity management is a plus
  • English at B2 level or higher
  • Able to work independently, collaboratively, and with customers

BENEFITS

  • Remote-first: work from home or join offices in Bratislava and Košice
  • Professional open source: contribute to a major open-source identity project
  • Public profile: build your personal brand through open development
  • Self-development: strong support for learning and career growth
  • Freedom at work: flexible hours, no micromanagement, choose your tools
  • Room for pet projects: allocate time for personal initiatives
  • Meritocracy: responsibilities and progression based on competence and results
  • Pro-employee environment: extra vacation, bonuses, career and training opportunities
  • Flexible workweek: potential for a negotiated 4-day work week based on results

Last update: 8.4.2026
