Application Security Engineer

As an Application Security Engineer, you will be working in a small team within ITSecurity. Your main responsibilities include code and security architecture reviews andproviding support and education related to technical security requirements andsecurity in DevOps to the development teams. You will also perform white-boxpenetration testing and vulnerability assessment of applications and APIs.

Who are you…?

As a colleague you are collaborative and capable of working with cross-functional teamlocated in several countries. You have the ability to communicate clearly, argueprofessionally and make decisions when needed. You are good with time management,and you are fluent with English, both spoken and written.

You also have:

• Professional experience in web application penetration testing

• Penetration testing tools and methods (e.g. Burp, OWASP ZAP, Nmap)

• Modern authentication / authorization (e.g. OAuth, OpenID Connect, JWT) and sessionhandling

• Development or scripting experience (e.g. C#, .NET)

• Experience in cloud environment and DevOps tools

It is seen as an advantage if you have previous experience in web applicationdevelopment, mobile application testing and/or Agile methodology. Also certiicates likeOSCP or OSWE are seen as a plus.

Our promise to you:

• International, modern and dynamic working environment in one of the leadinginsurance companies in Nordic & Baltic region

.• Challenging and exciting tasks to carry out, personal development and trainingopportunities within If Group based IT unit.

• Professional and friendly team

Job location – Vilnius, Riga, Tallinn