Senior Application Security Engineer

Intellectsoft is a software development company delivering innovative solutions since 2007. We operate across North America, Latin America, the Nordic region, the UK, and Europe.We specialize in industries like Fintech, Healthcare, EdTech, Construction, Hospitality, and more, partnering with startups, mid-sized businesses, and Fortune 500 companies to drive growth and scalability. Our clients include Jaguar Motors, Universal Pictures, Harley-Davidson, Qualcomm, and London Stock Exchange.Together, our team delivers solutions that make a difference. Learn more atwww.intellectsoft.net

You’ll contribute to a cutting-edge platform designed for financial institutions and enterprises to launch and manage regulated stablecoins. The system empowers users to earn revenue from reserves and grow their digital ecosystems through integrated features like compliant stablecoin issuance, secure asset custody, and streamlined orchestration for cross-border transfers, on/off-ramping, and currency conversion. Leveraging our robust infrastructure and APIs, organizations can build, scale, and govern their stablecoin operations with enhanced efficiency, compliance, and profitability.

• Proven 5+ years of commercial expertise in software development using Rust or Go.
• 2+ years of experience in application security, with a focus on secure software development.
• Deep understanding of common software vulnerabilities and exploitation techniques (e.g., memory safety, race conditions, injection flaws, deserialization attacks).
• Hands-on experience performing secure code reviews, threat modeling, and vulnerability assessments of modern applications.
• Familiarity with static application security testing (SAST) and dynamic application security testing (DAST) tools, and experience interpreting their results.
• Proficiency with secure design principles such as least privilege, defense in depth, secure defaults, and threat mitigation strategies.
• Experience integrating security testing into CI/CD pipelines and DevSecOps workflows.
• Knowledge of cryptographic best practices, including key management, secure protocols, and implementation pitfalls.
• Ability to assess the security posture of open-source dependencies and apply appropriate remediation strategies.
• Understanding of supply chain security, secure software lifecycle (SSDLC), and SBOM (Software Bill of Materials) practices.
• Strong knowledge of container security (Docker, Kubernetes), and cloud-native security controls (AWS, GCP, or Azure).
• Working knowledge of compliance standards such as ISO 27001, PCI DSS, and SOC 2.
• Upper-Intermediate English level.
• Be able to overlap minimum 6 hours with US Eastern Time (EST)

Nice to have skills

• Experience with blockchain technology or smart contract security.
• Security certifications (e.g., OSCP, CEH, CSSLP, GIAC).
• Experience with financial services or fintech security requirements (e.g., PCI DSS, SOC 2).

• Perform security-focused code reviews and audits for applications written in Rust or Go.
• Develop and integrate security features, such as input validation, encryption, and authentication mechanisms.
• Build tools to automate vulnerability detection and enforce secure coding standards.
• Work with development teams to address security issues and implement secure design patterns.
• Monitor and respond to new vulnerabilities in open-source dependencies and runtime environments.
• Contribute to internal security training and best practice guidelines.
• Participate in threat modeling, penetration testing, and security architecture reviews.

• 35 absence days per year for work-life balance
• Udemy courses of your choice
• English courses with native-speaker
• Regular soft-skills trainings
• Excellence Сenters meetups
• Online/offline team-buildings