Senior Application Security Engineer

Are you passionate about strengthening application security and driving technological advancements within the realm of DevSecOps? Do you excel in collaborative environments where your contributions tangibly improve security processes and tools? We are seeking a driven and experienced professional to join our team as a Senior Application Security Engineer.

As part of this role, you will take on a critical function in enhancing our overall security framework by identifying threats, deploying mitigating controls, and automating security workflows. You'll collaborate closely with cross-functional teams, including SREs, developers, and product managers, to ensure that security is seamlessly integrated across all stages of the development lifecycle.

This position offers remote setup with the flexibility to work from any location in Georgia, whether it's your home, well-equipped offices in Tbilisi and Batumi or a coworking space in Kutaisi.

#LI-DNI

Responsibilities

• Take accountability for planning and coordinating internal initiatives
• Provide regular reports with key metrics on ongoing initiative progress
• Share updates with key stakeholders about the status of ongoing initiatives
• Act as the primary CISO liaison for SRE and Development teams
• Examine existing tools (Checkmarx, InsightAppSec, Mend, SemGrep, Qualys, ADO Pipelines, SonarQube) to explore integration and automation opportunities
• Prepare PoCs and guide MVP creation for automation solutions
• Collaborate with Development managers and application-supporting teams (SRE, SETs, QE) to achieve objectives
• Engage with vendors and oversee support requests, success stories, and effective tool utilization
• Contribute to the analysis and prioritization of security vulnerabilities identified in external testing activities
• Develop documentation for tools and processes and lead workshops to share progress organization-wide
• Assist Product Management in assessing and prioritizing security vulnerabilities

Requirements

• Knowledge of security threats and attack methods, such as OWASP Top 10 and Mitre Att&ck framework
• The ability to pinpoint application-specific security risks and apply mitigating controls through Threat Modeling
• Proficiency in using security testing tools (e.g., SAST, DAST)
• Understanding of and hands-on experience with DevOps principles, including CI/CD, test automation, shift-left security, cross-functional teamwork, and shared responsibility
• Familiarity with Agile methodologies and related project management practices, such as Scrum and Kanban
• Excellent communication skills

We offer

• We connect like-minded people:
  • Delivering innovative solutions to industry leaders, making a global impact
  • Enjoyable working environment, whether it is the vibrant office or the comfort of your own home
  • Opportunity to work abroad for up to two months per year
  • Relocation opportunities within our offices in 55+ countries
  • Corporate and social events
• We invest in your growth:
  • Leadership development, career advising, soft skills and well-being programs
  • Certifications, including Google Cloud Platform, Azure and AWS
  • Unlimited access to LinkedIn Learning and Get Abstract
  • Free English classes with certified teachers
• We cover it all:
  • Participation in the Employee Stock Purchase Plan
  • Monetary bonuses for engaging in the referral program
  • Comprehensive medical & family care package
  • Five trust days per year (sick leave without a medical certificate)
  • Benefits package (sports activities, a variety of stores and services)

EPAM Georgia is a team of innovators united by a passion for technology. The dynamic and inclusive culture we embrace helps positively impact our communities, clients, and employees. Here you will collaborate with multi-national teams, contribute to numerous cutting-edge projects, deliver the most creative solutions, and have an opportunity to learn. Our people are at the heart of our success, and we are proud to provide talents with a solid ground to develop and grow.