Senior Application Security Engineer
Information Security Budapest, Hungary
Liferay is a uniquely profitable open source software company with 850+ fiery-eyed employees scattered across the known world. Our flagship product is Liferay Digital Experience Platform which companies like HP, Barclays, and Coach use to build great web experiences for their customers and employees. Along with making cool software, we have a greater-than-profit vision that fuels us. We give employees 5 days paid off to volunteer at charities they’re excited about and we donate a portion of our profits to various charities around the world each year. Oh, we’re also self-funded which gives us the freedom to work on whatever we think brings the most value to customers and communities in the long run.
- Conduct application security code reviews of Liferay applications (esp. Liferay’s SAAS, PAAS offerings), identify design flaws and vulnerabilities, help Engineering team to address the findings
- Lead security reviews and threat modelling of new features, architecture changes and security tests
- Identify security gaps in the software development lifecycle and enforce use of security practices through automation
- Perform security assessments of the application
- Organize and manage security vulnerabilities from identification to resolution (security vulnerability management)
- Cooperate with various product teams to secure the build and release pipeline
- Work with Information Security team on improving Application Security program through policies and procedures
- Improve product protections based on new threats and vulnerabilities
- Support team members with the best security practices, tools and procedures, documentation, raise security awareness and help with security trainings
- Bachelor's degree in computer science or equivalent
- 2+ years security experience
- Strong understanding and experience with security libraries, security controls implementation and security vulnerabilities
- General security experience and knowledge of internet protocols, networking and application level attacks
- 5+ years software development experience
- Experience with REST APIs, GraphQL or both
- Experience in Agile software development
- Excellent communication skills
- Ability to identify repeatable processes and automate them quickly
- Professional experience with NodeJS
- Professional experience with React
- Professional experience with Java
- Professional experience with Kubernetes
- Professional experience with cloud environment like GCP, Azure or AWS
- Experience leading small teams (2 to 4 devs)
- Knowledge of OWASP Application Security Verification Standard and OWASP SAMM
- Experience with bug hunting or penetration testing
WHAT WE OFFER
- We provide a Premium Generali Company Health Care package to all of our employees.
- Our colleagues enjoy a broad range of post work social activities.
- We ensure to mark all events and enjoy office party celebrations.
- Our working environment is very enjoyable, spacious and bright with excellent faculties.
- We have large cooking and entertaining areas, gaming rooms, team building environments and a healthy balance of competition/social networking.
- We are known for our fabulous team cultural meals on-site. Why not bring your culinary skills to the office.
- Our workplace supports a hybrid system that enables Remote Work and Office Work at the same time.
- Our office is 10 minutes walk from the Gyöngyösi utca Metro Station. We also have extensive Bicycle parking and Car Parking availability.
- We support and contribute to our communities through our Employee Volunteering Programme.
- You are at the right place - Liferay Hungary has won the "Best Employer" prize in 2020 by Kincentric! Check it out here.
Equal Opportunities Employer - Statement
Liferay is committed to the equal treatment of all candidates, customers and employees and to fostering a culture of dignity at work. Our operating procedure provides for equal opportunities in recruitment and employment with the aim to eliminate discrimination against any job applicant or employee on the basis of race, age, sexual orientation, gender or gender reassignment, religion or beliefs, marital or civil partnerships status, family or dependency status, disability, pregnancy and maternity or membership of a travelling community.