Engineering Manager (AppSec)

• Lead the security aspects of the product design throughout a project.
• Management and development of the application security and DevSecOps engineering team
• Demonstrated ability to collaborate with other teams to achieve complex objectives
• Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.
• Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
• Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
• Define required policies, controls, and capabilities for the protection of products and environments.
• Participate in engineering teams’ product planning cycles.
• Serve as a trusted cyber security advisor to product and application teams.

• Minimum of 2 years in a management role and 5 years total experience with information security
• Experience integrating security scanning/tooling into the development pipeline.
• Experience in analyzing and securing microservices and applications developed using golang.
• Familiar with CI/CD pipelines (such as Gitlab/Github actions) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
• Hands-on development experience in Python/shell scripting.
• Familiar with docker and mesh technologies (such as ISTIO).
• Experience with architecture and security reviews
• Familiar with threat modeling and applications risk management.
• Experience working with Agile methodologies.

Preferred qualifications

• In-depth experience with architecting secure services on Kubernetes.
• Extensive experience with architecting secure services on AWS/GCP.
• Security-related professional certifications e.g., CISSP, CISM, OSCP, OSWE

• Stable salary, official employment, health insurance.
• Relocation package offered to candidates from different regions.
• Full coverage of business trip expenses, including daily allowances for employees engaged in travel-related tasks.
• Hybrid work mode and flexile schedule.
• All the necessary work equipment.
• A diverse array of internal training programs.
• Partially or fully funded additional training courses.
• Monthly corporate 'Fun Days' in various engaging formats.
• Meaningful gestures on special occasions - company gifts to celebrate weddings, new arrivals, and birthdays.