Application Security Engineer
Nebius
Job Overview
Who's the hiring manager?
Sign up to PitchMeAI to discover the hiring manager's details for this job. We will also write them an intro email for you.
Job Description
About Nebius
Nebius operates at the cutting edge of AI-native cloud infrastructure, and we're growing fast! We're looking for an Application Security Engineer who can work alongside some of the most experienced and innovative leaders, engineers, and operators anywhere in the world.
We need an Application Security Engineer with extensive experience in secure coding, vulnerability assessments, and penetration testing. You'll be key to identifying and mitigating vulnerabilities, implementing security best practices, and collaborating closely with development teams to keep software secure.
What You'll Do
- Building and maintaining ASPM tools and their rules.
- Identifying, analysing, and remediating application security vulnerabilities using tools like ASPM.
- Collaborating with development teams to integrate security best practices into the SDLC.
- Conducting manual and automated penetration testing of applications.
- Developing and maintaining secure coding guidelines for development teams.
- Facilitating threat modeling and risk assessments on new and existing applications.
- Staying updated on the latest security threats, vulnerabilities, and mitigation techniques.
- Serve as an application security subject matter expert to other teams.
What We Expect
- 4+ years of experience in application security.
- Strong knowledge of common application security risks (e.g., OWASP Top 10) and how to mitigate them.
- Experience with secure coding practices in languages such as Python, Go, Java, or JavaScript.
- Proficiency in a common programming language (such as Go or Python) with a willingness to learn Go, if necessary.
- Hands-on experience with security testing tools (Burp Suite, ZAP, Semgrep, etc.).
- Understanding of authentication protocols like SAML or OIDC.
- Experience in conducting threat-modeling sessions.
- Strong problem-solving and analytical skills.
- Good written and verbal communication skills in English.
- *Bonus points* for deep understanding of Kubernetes security practices.
The Interview Process
We have a high talent bar at Nebius & our interview process is thorough. The process consists of a Tech Recruiter screening, coding interview, security interview, system design/threat modeling interview, and a final stakeholder interview.
Apply
If you're interested in working at real scale at the forefront of AI infrastructure and alongside extremely talented engineers & leaders, then please apply here!
Key skills/competency
- Application Security
- Vulnerability Assessment
- Penetration Testing
- Secure Coding
- Threat Modeling
- SDLC Security
- OWASP Top 10
- Kubernetes Security
- ASPM Tools
- Risk Assessment
How to Get Hired at Nebius
- Research Nebius's culture: Study their mission, values, recent news, and employee testimonials on LinkedIn and Glassdoor.
- Tailor your resume for Application Security Engineer roles: Highlight experience in secure coding, vulnerability assessment, and penetration testing, using keywords like "OWASP Top 10," "SDLC security," and "threat modeling."
- Prepare for technical depth: Review secure coding practices (Python, Go, Java, JavaScript), security testing tools (Burp Suite, ZAP), and authentication protocols (SAML, OIDC). Practice coding interviews.
- Master system design and threat modeling: Be ready to discuss application architecture security, risk assessment, and mitigation strategies for cloud-native environments.
- Showcase problem-solving and communication skills: Articulate your approach to complex security challenges and demonstrate collaborative team interaction during the stakeholder interview.
Frequently Asked Questions
Find answers to common questions about this job opportunity
Explore similar opportunities that match your background