Application Security Engineer | JobSetuu

Nebius

Czechia, Europe, Germany, Netherlands, UK

['Full-Time']

Posted 4 घंटे पहले • Via jobicy.com

Description

Job Overview

Source: Jobicy

Job Description

About Nebius:

Nebius is leading a new era in cloud infrastructure for the global AI economy. We are building a full-stack AI cloud platform that supports developers and enterprises from data and model training through to production deployment, without the cost and complexity of building large in-house AI/ML infrastructure.

Built by engineers, for engineers. From large-scale GPU orchestration to inference optimization, we own the hard problems across compute, storage, networking and applied AI.

Listed on Nasdaq (NBIS) and headquartered in Amsterdam, we have a global footprint with R&D hubs across Europe, the UK, North America and Israel. Our team of 1,500+ includes hundreds of engineers with deep expertise across hardware, software and AI R&D.

The role

The Security Engineering Team within the Platform Security organization is responsible for the strategic selection, implementation, management, and optimization of cybersecurity tools and technologies that improve security capabilities of the organization's platform. This team is instrumental in fortifying the security posture, proactively identifying and responding to security threats, ensuring the resilience and protection of critical data, systems, and services.

We are looking for an Application Security Engineer who will ensure the security of our software by identifying and mitigating vulnerabilities, implementing best security practices, and collaborating with development teams. The ideal candidate will have a strong background in secure coding, vulnerability assessment, and penetration testing.

Your responsibilities will include:

Build and maintain ASPM tools and their rules.
Identify, analyze, and remediate application security vulnerabilities using tools like ASPM.
Collaborate with development teams to integrate security best practices into the software development lifecycle (SDLC).
Conduct manual and automated penetration testing of applications.
Develop and maintain secure coding guidelines for development teams.
Facilitate threat modeling and risk assessments on new and existing applications.
Stay updated on the latest security threats, vulnerabilities, and mitigation techniques.
Serve as an application security subject matter expert to other teams.

We expect you to have:

4+ years of experience in application security.
Strong knowledge of common application security risks (e.g. OWASP Top 10) and how to mitigate them.
Experience with secure coding practices in languages such as Python, Go, Java, or JavaScript.
Proficiency in a common programming language (such as Go or Python) with a willingness to learn Go, if necessary.
Hands-on experience with security testing tools (Burp Suite, ZAP, Semgrep, etc.).
Understanding of authentication protocols like SAML or OIDC.
Experience in conducting threat-modeling sessions.
Strong problem-solving and analytical skills.
Good written and verbal communication skills in English.
Willingness to learn new things.
Being comfortable working independently.

It would be an added bonus if you had:

Confidence in presenting your ideas and opinions in a manner that can be challenged, while responding well to feedback.
Experience in designing, building, and maintaining security automation.
Experience in translating compliance and regulation requirements into technical specifications.
Experience in exploiting vulnerabilities in web applications, Linux kernels, containers, and networks.
Security certifications such as OSCP or OSWE.

We conduct coding interviews as part of the process.

Pay Transparency

We offer competitive compensation and benefits packages. Actual compensation will be determined based on job-related factors, including experience, skills, qualifications, the level at which the candidate is hired, and geographic location, consistent with applicable law.

Base Compensation Range

€75.000—€240.000 EUR

Benefits & Perks:

Competitive compensation
Career growth and learning opportunities
Flexibility and ownership
Collaborative and innovative culture
Opportunity to work on impactful AI projects
International environment and talented teams

What's it like to work at Nebius:

Fast moving - Bold thinking - Constant growth - Meaningful impact - Trust and real ownership - Opportunity to shape the future of AI

Equal Opportunity Statement:

Nebius is an equal opportunity employer. We are committed to fostering an inclusive and diverse workplace and to providing equal employment opportunities in all aspects of employment. We do not discriminate on the basis of race, color, religion, sex (including pregnancy), national origin, ancestry, age, disability, genetic information, marital status, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by applicable law.

Applicants must be authorized to work in the country in which they apply and will be required to provide proof of employment eligibility as a condition of hire.

If you need accommodations during the application process, please let us know.

Expert Career Tips for Application Security Engineer Roles

To succeed in a competitive market as a Application Security Engineer, you need more than just technical skills. Here are some expert strategies to elevate your profile:

Build a Strong Portfolio: For technical roles, a clean GitHub or a personal project site is essential. For non-technical roles, a case study portfolio demonstrating problem-solving and impact is equally valuable. Show, don't just tell, what you have achieved in your previous positions.
Master the Narrative: When interviewing, use the STAR method (Situation, Task, Action, Result) to structure your answers. Quantify your results wherever possible—mentioning "increased efficiency by 20%" is much more impactful than saying "improved efficiency."
Continuous Learning: The industry moves fast. Whether it's staying updated with the latest AI tools or mastering a new management methodology, continuous professional development is key. Consider obtaining industry-recognized certifications that align with Application Security Engineer requirements.
Networking: Connect with other professionals in similar roles. Join online communities, attend webinars, and engage in meaningful discussions on professional social networks. Often, the best opportunities come through referrals and community engagement.
Soft Skills Matter: Communication, empathy, and leadership are often the deciding factors between two equally qualified technical candidates. Cultivate these skills as they are universally valued across all industries and seniority levels.

Additionally, research the specific company's culture and values. Tailoring your application to show how you align with their mission can significantly increase your chances of moving forward in the process.

Salary & Compensation

Salary not disclosed; typically competitive for the role.

Work Arrangement

Type: On-Site

Standard business hours at the office.

Comprehensive Application Strategy & Hiring Process

Applying for a new role is a marathon, not a sprint. Follow this strategic approach to maximize your success rate:

1. Initial Research & Tailoring

Don't send the same resume to every employer. Spend at least 30 minutes researching the company. Look for recent news, their product roadmap, and their team structure. Modify your summary and core competencies to reflect the specific keywords found in the job description.

2. The Perfect Cover Letter

If the application allows for a cover letter, use it to tell a story that your resume cannot. Explain why you are passionate about this specific company and how your unique background makes you the perfect fit for the challenges they are currently facing.

3. Navigating the Multi-Stage Interview

Most modern hiring processes involve 3-5 stages. This typically includes a recruiter screen, a technical or skill-based assessment, a peer interview, and a final leadership round. Prepare for each stage differently: focus on enthusiasm and fit for the recruiter, technical depth for the assessment, and strategic vision for the leadership round.

4. Post-Interview Follow-Up

Always send a personalized thank-you note within 24 hours of each interview. Reference a specific topic discussed during the call to demonstrate your active listening and genuine interest in the role.

By following these steps, you demonstrate a high level of professionalism and attention to detail that sets you apart from the average applicant.

Typical Interview Process

Resume screening
HR call
Skill interview
Final manager interview
Offer

Tip: Research the company's products and culture.

Global Market Intelligence & Relocation Insights

At JobSetuu, we specialize in helping talent navigate the global job market. Here is what you need to know about the current landscape in Global and beyond:

The demand for skilled professionals is increasingly borderless. For roles based in Global, understanding the local cost of living, visa requirements (if applicable), and cultural nuances is vital. If this is a remote role, consider the time zone alignment and the asynchronous communication culture of the hiring organization.

Relocation Support: Many forward-thinking companies offer relocation packages that include moving stipends, temporary housing, and legal assistance with work permits. When evaluating an offer, look beyond the base salary—consider the total compensation package, including equity, bonuses, and healthcare benefits.

Work-Life Balance Trends: Hybrid and remote work have become standard in many regions. Research the local labor laws and common practices regarding work hours and vacation time to ensure the role aligns with your lifestyle goals.

Leveraging JobSetuu's tools can help you compare salaries across different cities and understand the "purchasing power" of your potential offer, ensuring you make an informed decision for your long-term career path.

Skills & Competency Roadmap for Professional Development

To remain competitive in Professional Development, we recommend focusing on the following core competencies over the next 12-18 months:

Technical Mastery: Deepen your expertise in the core tools and languages relevant to your field. For developers, this might be cloud architecture; for marketers, it might be data-driven attribution modeling.
AI Augmentation: Learn how to leverage generative AI and automation tools to increase your productivity. Understanding how to integrate these technologies into your workflow is becoming a non-negotiable skill.
Leadership & Strategy: Even in individual contributor roles, the ability to think strategically and lead projects from inception to completion is highly valued. Focus on stakeholder management and high-level project planning.
Data Literacy: The ability to interpret data and use it to drive decisions is essential across all business functions. Familiarize yourself with data visualization and basic analytical concepts.

By investing in these areas, you not only prepare yourself for the role you are applying for today but also build a resilient foundation for the opportunities of tomorrow.

Apply via JobSetuu

Discover your next career milestone on JobSetuu. This Application Security Engineer position is part of our commitment to bringing you the most relevant and high-impact job openings globally. At JobSetuu, we simplify your job search by aggregating premier listings and providing the tools you need to stand out. Don't miss the chance to elevate your professional journey—explore more opportunities and career insights on our platform today.