Nebius is seeking an experienced Application Security Engineer to work alongside innovative leaders and engineers. The successful candidate will identify and mitigate vulnerabilities, implement security best practices, and collaborate with development teams to keep software secure.
Key Highlights
Technical Skills Required
Benefits & Perks
Job Description
Nebius operates at the cutting edge of AI-native cloud infrastructure & we're growing, fast!
We're looking for an Application Security Engineer who can work alongside some of the most experienced and innovative leaders, engineers & operators anywhere in the world.
We need an AppSec Engineer with extensive experience in secure coding, vulnerability assessments, and penetration testing
You'll be key to identifying and mitigating vulnerabilities, implementing security best practices, and collaborating closely with development teams to keep software secure.
On top of that, you'll be:
- Building and maintaining ASPM tools and their rules.
- Identifying, analysing, and remediating application security vulnerabilities using tools like ASPM.
- Collaborating with development teams to integrate security best practices into the SDLC.
- Conducting manual and automated penetration testing of applications.
- Developing and maintaining secure coding guidelines for development teams.
- Facilitating threat modeling and risk assessments on new and existing applications.
- Staying updated on the latest security threats, vulnerabilities, and mitigation techniques.
- Serve as an application security subject matter expert to other teams.
We expect you to have:
- 4+ years of experience in application security.
- Strong knowledge of common application security risks (e.g. OWASP Top 10) and how to mitigate them.
- Experience with secure coding practices in languages such as Python, Go, Java, or JavaScript.
- Proficiency in a common programming language (such as Go or Python) with a willingness to learn Go, if necessary.
- Hands-on experience with security testing tools (Burp Suite, ZAP, Semgrep, etc.).
- Understanding of authentication protocols like SAML or OIDC.
- Experience in conducting threat-modeling sessions.
- Strong problem-solving and analytical skills.
- Good written and verbal communication skills in English.
- *bonus points* for deep understanding of Kubernetes security practices.
We have a high talent bar at Nebius & our interview process is thorough. The process consists of a Tech Recruiter screening, coding interview, security interview, system design/threat modelling interview & final stakeholder interview.
If you're interested in working at real scale at the forefront of AI infrastructure and alongside extremely talented engineers & leaders then please apply here!