Application Cyber Security Engineer

Do you love cutting-edge tech and are passionate about engineering? Then this opportunity might be perfect for you!

About DSR Corporation

DSR Corporation has been the ideal end-to-end solution provider for hundreds of companies, from startups to the Fortune 500, since 1998. Since then, DSR has blossomed into 11 technical divisions, with highly-skilled, technologically-agnostic engineering resources and services in full-stack web, embedded, mobile, wireless, big data / analytics, scalable databases, system software, digital media, SSI / blockchain, and AI / computer vision. Our fully-managed teams and deep technical expertise enable us to provide world-class custom software solutions of any scale and complexity. This approach has allowed us to serve industry leaders like Netflix, Nordic Semiconductor, Seagate, Legrand, EDF, Amazon, Sysgo, and many others. The company has offices located around the world including Denver, Porto, Voronezh, Yokohama-city, and Tashkent.

Among our own products are ZBOSS, the Zigbee software protocol stack for IoT devices, zHome framework for smart home solutions (mobile app, back-end, IoT gateway), ZBOSS Open Initiative to maintain and improve the market-leading Zigbee PRO software platform together with heavyweight IoT market players. DSR's wholly-owned subsidiary, Noema, focuses on delivering the most up-to-date and reliable AI and Computer Vision solutions for security, manufacturing, retail, healthcare and smart homes/cities businesses.

Join our multinational team of seasoned software engineers! We're passionate about tackling complex tasks and sharing our unique software development expertise, accumulated over 25 years. With well-established workflows and transparent career paths, we're geared to boost your professional growth, regardless of your current experience level.

Let's change our world for the better by doing software right!

www.dsr-corporation.com | www.dsr-iot.com | www.dsr-zboss.com | www.dsr-zoi.com | www.noema.tech

Job Description

We are currently looking for an experienced Application Security Expert to join our team in the journey of practical cyber security and to ensure the security and resilience of our web and desktop applications. You will be involved in all stages of the software development lifecycle, focusing on identifying vulnerabilities, mitigating risks, designing secure architecture and implementing secure coding practices across multiple platforms. You will collaborate closely with development teams to integrate security by design and respond to evolving cyber threats.

Responsibilities:

• Work with development teams to design secure architecture, implement secure coding practices, provide code reviews, and improve application security posture.
• Address security requirements of web and desktop applications, identify weaknesses in design, architecture and code.
• Perform threat modeling and conduct security audits.
• Stay up-to-date with the latest security trends, exploits, and vulnerabilities, translating this knowledge into actionable improvements.
• Development of detailed documentation, detailed security assessment reports and remediation recommendations.

Requirements:

• 5+ years of experience in Web Application Software Development
• 3+ years of experience in Web Application Security
• MS (preferred) or BS degree in Computer Science or equivalent work experience
• Strong understanding of OWASP Top 10 and CWE Top 25.
• Hands-on experience with penetration testing and vulnerability assessment tools (e.g., Burp Suite, OWASP ZAP, Metasploit, Nmap, Snyk).
• Strong understanding of secure software development principles (secure coding, authentication, encryption).
• Experience with common web technologies (HTML, CSS, JavaScript, PHP ).
• Hands-on experience in scripting/coding, preferably in Python, JavaScript or Golang.
• Familiarity with SAST, DAST tools.
• Strong problem-solving skills.
• Technical leadership experience
• Experience working in distributed team
• Fluent English

Skill Keywords:

• OWASP
• ASVS
• NIST CSF 2.0
• CWE
• Secure Design
• Secure Coding
• Penetration Testing
• Vulnerability Assessment
• Web Application Development
• Web Application Security
• Desktop Application Security
• API Security
• Cryptography
• Burp Suite
• OWASP ZAP
• Metasploit
• Snyk
• Threat Modeling
• Security Automation
• JavaScript
• Node.js
• HTML
• CSS
• PHP
• SSL/TLS
• Nmap
• Wireshark
• Linux
• Windows
• Code Review
• Risk Assessment
• CORS

• Competitive salary and great benefits.
• Accelerated career growth.
• Flexible schedule and remote-friendly policy.
• Office in the center of Porto.
• Employer-sponsored health insurance.
• Strong work-life balance emphasis.
• Extra holidays.