Senior Application Security Engineer

OnShift

OnShift

Poland · Remote
Posted on Nov 20, 2024

About ShiftKey

ShiftKey is a platform that is disrupting the way healthcare facilities find licensed and certified professionals to fill available shifts. Leveraging marketplace dynamics and deep industry knowledge, the company is playing a vital role in mitigating America’s healthcare staffing shortages, enabling direct connections between facilities and healthcare professionals. By offering the opportunity to work as much or as little as they choose and putting the power back into the hands of healthcare workers, ShiftKey is bringing more licensed professionals back into the workforce, a solution that is solving a major crisis in healthcare. For more information, visit www.ShiftKey.com.

The role

We're looking for a Senior Application Security Engineer to join our global Information Security team at ShiftKey. In this role, you’ll get to work with cutting-edge technologies, enjoy a high degree of autonomy, and help shape the future of our application security program. This position marks our second location in Poland, offering you a unique chance to collaborate with colleagues around the globe.

You’ll work with technologies like Veracode (dynamic and static scanning), AWS Security Stack (WAF, Guard Duty, Shield, Security Hub), Kafka, Jira, and Burp Suite.

Where you’ll work

You have to be located in Poland to be considered for this position. You’ll have the flexibility to choose between remote work or working from our office in Warsaw.

What you’ll be doing

  • Collaborating with software development teams to define and implement security requirements during the design and architecture phases of application development.

  • Defining and advocating secure coding practices and coding standards within development teams.

  • Providing guidance and training to developers on secure coding principles and techniques.

  • Automating security testing processes to seamlessly integrate security into the development lifecycle.

  • Collaborating with incident response teams to respond to and manage application-related security incidents.

  • Analyzing application vulnerabilities and offering expert guidance to development teams on effective remediation methods.

What you’ll need

  • Minimum of 5 years of experience in application security, secure application development, or related roles that contribute to a strong foundation in software development.

  • Proficiency in at least one scripting language (Python or JavaScript); additional languages are a plus.

  • Familiarity with application security frameworks (e.g., STRIDE, OWASP) and experience with development tools such as GIT.

  • Hands-on experience with application security testing tools (e.g., SAST, DAST, IAST); experience with a combination of these tools is preferred.

  • Strong analytical and problem-solving skills, with the ability to analyze complex security issues and articulate solutions clearly.

  • Proven ability to collaborate effectively with cross-functional teams, including development, operations, and compliance, while promoting a culture of security awareness through training, documentation, and regular communication.

Perks of working for ShiftKey

  • A high-growth, friendly, and engaging work environment with the potential for career development opportunities.

  • Above standard paid time-off policy.

  • Remote work option (we meet up once per quarter) or work in the office, whatever works for you!

  • Modern office, overlooking Vistula River with recreational facilities.

  • Private Medical Care.

  • Sport Card.

  • Life Insurance.

  • Latest work equipment.

#LI-Remote #LI-AT1

Our Commitment to Diversity

ShiftKey is an equal opportunity employer and is committed to embracing diverse and individual perspectives shaping our culture and contributing to the solutions that transform the world. We actively work to create an inclusive environment for employees to thrive.

EEO Statement

ShiftKey does not discriminate based on race, religion, color, sex, gender, gender identity, sexual orientation, age, non-disqualifying physical or mental disability, national origin, veteran status, or any other basis covered by applicable law. All employment is decided based on qualifications, merit, and business needs. ShiftKey is committed to providing reasonable accommodation to applicants with a mental or physical disability, please contact: accommodations@shiftkey.com