Remote Senior App Security Engineer Cloud & Devsecops

We’re BrainRocket — an international software development and digital solutions company driven by 1,300 talented professionals across Cyprus, Malta, and Portugal. Here, everything moves at rocket speed: driving innovation, pioneering projects, and fast-tracking careers. Together, we turn ideas into action — let’s get started! We invite a Senior Application Security Engineer to join our team remotely . ✔️ Demonstrated ability to collaborate with other teams to achieve complex objectives. ✔️ Responsible for security architecture design from cloud infrastructure to application through the implementation of \"secure by design\" principles. ✔️ Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products. ✔️ Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines. ✔️ Define required policies, controls, and capabilities for the protection of products and environments. ✔️ Build and validate declarative threat models automation. ✔️ Participate in engineering teams’ product planning cycles and committees. ✔️ Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS. ✔️ Serve as a trusted cyber security advisor to product and application teams. ✔️ Minimum of 5 years experience as an Application Security Engineer . ✔️ Experience integrating security scanning/tooling into development pipeline. ✔️ Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation). ✔️ Strong understanding of supply chain security, software integrity, and secure software delivery. ✔️ Experience with docker and mesh technologies (such as ISTIO). ✔️ Experience with architecture and security reviews, threat modeling and applications risk highly desired. ✔️ Experience working with Agile methodologies. ✔️ Knowledge of privacy laws and regulations, such as GDPR desired. ✔️ Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc. ✔️ In-depth experience with architecting secure services on Kubernetes. ✔️ Extensive experience with architecting secure services on AWS or on-prem data centers. ✔️ Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH is highly desirable. ✅ We offer excellent benefits, including but not limited to: Learning and development opportunities and interesting, challenging tasks. Opportunity to develop language skills, with partial compensation for the cost of English classes. Time for proper rest, with 20 working days of annual vacation. Competitive remuneration level with annual review. Bold moves start here. Make yours. Apply today! #J-18808-Ljbffr