kununu GmbH

Application Security Engineer

Job

  • Level
    Experienced
  • Job field
    IT, Security, Test/QA
  • Employment
    Full-time
  • Contract type
    Permanent employment
  • Salary
    60,000 to 75,000 € gross/year
  • Location
    Vienna
  • Work model
    Onsite
  • Job summary

    In this role you develop security controls for PHP and JavaScript web applications, carry out security reviews, and integrate security into CI/CD pipelines with GitHub, while implementing AWS security solutions.

    Your role in the team

    • You design, implement, and continuously improve application security controls for a PHP and JavaScript (NodeJS, React and NextJS) web application.
    • You embed security into the CI/CD pipeline using GitHub and GitHub Actions, from build to deployment.
    • You perform secure code reviews, threat modelling, and architecture reviews for new and existing features.
    • You analyse application traffic patterns to detect and mitigate malicious bots, scraping, and automated abuse.
    • You define application-aware bot protection controls using AWS WAF and Shield, including rate limiting, anomaly detection, and custom rules.
    • You validate bot mitigation effectiveness through testing, monitoring, and continuous improvement.
    • You define and operate Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and dependency-scanning tools, including policies for third-party and open-source components.
    • You help design and maintain automated security test suites for test environments and live systems (continuous validation).
    • You collaborate with Cloud Infrastructure teams to secure AWS workloads running on ECS (EC2 & Fargate), ALBs, Lambdas, and WAF.
    • You monitor, analyze, and respond to application-level security events using Security Hub, GuardDuty, CloudTrail, and WAF logs.
    • You lead vulnerability management for application and cloud services, including prioritization and remediation guidance.
    • You help shape kununu's application-security policies, standards, and secure design patterns.
    • You support incident response and post-incident reviews with a strong application-security focus.
    • You contribute to compliance efforts (e.g. GDPR, ISO 27001) from an application-security perspective.

    What we expect from you

    Qualifications

    • Solid understanding of web security fundamentals (OWASP Top 10, authentication, authorization, session management, input validation).
    • Strong understanding of secure design patterns and common application-security anti-patterns.
    • Familiarity with GitHub Actions and modern DevSecOps practices.
    • Comfortable scripting or automating security workflows (e.g. Bash, Python, or similar).
    • Strong communication skills and ability to work closely with developers and stakeholders.
    • Fluent in English (Portuguese is a plus).

    Experience

    • Strong experience in application security, ideally for PHP-based web applications.
    • Hands-on experience with AWS security services, especially:
      • Security Hub
      • GuardDuty
      • CloudTrail
      • AWS WAF & Shield
    • Experience securing containerized workloads on ECS (EC2 & Fargate) and understanding of ALBs and Lambdas.
    • Proven experience with SAST, DAST, and dependency-scanning tools (e.g. Snyk, Dependabot, Trivy, OWASP ZAP, Burp).
    • Experience defining or maintaining automated security tests for CI/CD pipelines and runtime validation.

    Benefits

    Food & Drink

    Work-life integration

    Health, Fitness & Fun

    More net pay

    Job locations

    • Location Vienna

      Austria

    This is your employer

    kununu GmbH

    Vienna

    kununu is the largest employer review platform in Europe and currently offers just under 1.5 million reviews of 300,000 companies. Here employees, former employees, applicants and apprentices can share their experiences with a wide range of companies: from working conditions and career opportunities to salary.

  • Year founded
    2007
  • Languages
    English
  • Company type
    Established company
  • Work model
    Full Remote, Hybrid, Onsite
  • Industry
    Staffing services, Internet, IT, Telecom
  • Dev Reviews

    by devworkplaces.com

    Overall

    (1 review)
    2.0
    • Career Growth

      0.0
    • Culture

      0.0
    • Engineering

      2.0
    • Working conditions

      0.0
    Diversity
    Suitable for all persons (m/f/d)
