Cyber Security Engineer Application Security 15078

Om jobbet

Veritaz is a leading IT staffing solutions provider in Sweden, committed to advancing individual careers and aiding employers in ensuring the perfect talent fit. With a proven track record of successful partnerships with top companies, we have rapidly grown our presence in the USA, Europe, and Sweden as a dependable and trusted resource within the IT industry.

Assignment Description:

We are looking for a Cyber Security Engineer to join our team.

What you will work on:

Promote secure coding practices through developer training, guidelines, and security documentation

Review application source code to identify vulnerabilities and provide clear, actionable remediation feedback

Design and implement security architecture, controls, and guardrails for new and existing applications

Perform security assessments including threat modeling, attack surface analysis, and risk assessments

Implement and maintain application security tools to automate security testing across the SDLC

Support application security incident response, including root cause analysis and remediation activities

Collaborate closely with development, DevOps, and IT security teams to embed security into delivery pipelines

Monitor security metrics and contribute to reporting on security posture, risks, and compliance status

Communicate complex security concepts clearly to both technical and non-technical stakeholders

What you bring:

Experience working with programming languages such as C#, Rust, Python, or JavaScript

Strong understanding of application security principles and secure coding best practices

Solid knowledge of security concepts including network security, encryption, identity and access management

Hands-on experience with application security tools and processes such as SAST, DAST, SCA, and vulnerability scanning

Practical experience with tools such as SonarQube, OWASP ZAP, Nessus, Invicti, or similar

Knowledge of established security frameworks and standards including OWASP Top Ten, NIST, IEC 62443, and ISO 27001

Experience working with cloud platforms such as AWS, Azure, or Google Cloud and their native security services

Hands-on experience with containerization and orchestration technologies, including Docker and Kubernetes

Strong communication skills with the ability to explain security risks and solutions to non-technical audiences

Relevant security certifications such as CEH, CISSP, or OSCP are considered a plus