Application Security Engineer
Bucharest, RO
3 zile în urmă


In 2021, we are pursuing our ambitions to continue to enable organizations' digital transformation. We are looking for our new Application Security Engineer to join Axway's family.

Are you ready? Join us now!

Together we can. Together we will. Axway is an enterprise integration company that's been around for over 20 years to digitally transform enterprises of all sizes - more than 11,000 in 100 countries at last count.

Axway revitalizes heritage IT infrastructures to enable brilliant digital customer experiences, unlock new business innovation and capabilities, and put companies on a secure, future-proof path for growth.

You'll exchange ideas with a culturally rich global community of over 1,800 members who connect remotely or show up onsite in virtually every time zone on the planet.

And you'll have the support and camaraderie of your Axway leadership and colleagues to serve as a reminder that you're not alone on your journey, and that every day, you've taken one more step forward.

With Axway, you'll go far because we're better together. Learn more :


The Application Security Engineer is a member of the Product Security Group (PSG) in the R&D Department, a global group that focuses on supporting the delivery of secure products and services in cloud native and on-premise applications that serve numerous industries worldwide.

The Security Engineer provides support to Axway Software Engineers in the application of the Secure Software Development Lifecyle (SSDLC) for Axway products and services.

This position will have primary responsibility for driving and continuously improving the SSDLC, designing and supporting security controls, optimizing our use of security testing suites, providing training in secure coding, and evangelizing security best practices within Axway.

This position will also have a role in performing security reviews, vulnerability assessments, and guidance on the remediation and mitigation of security findings.


  • Understanding of application security threats, mitigating controls, as well as their applicability to cloud and on-premise environments
  • Ability to learn new products and technical concepts quickly
  • Successfully manage time and technical responsibilities, set accurate expectations and meet deliverable deadlines while working in a team environment
  • Strong communication skills and ability to understand challenges and problems facing engineering teams
  • Work with the product teams through the Axway SSDLC
  • Guide secure coding practices and processes
  • Guide secure architecture and secure product designs (Threat Modeling)
  • Support teams in applying security within the CI / CD / CD process (DevSecOps)
  • Support customers, development teams and PSG in technical analysis of tool outputs
  • Support the management, control and upgrade of selected SSDLC tool suites
  • Qualifications

  • Bachelor’s degree in Computer Science, Information Technology or related field / equivalent experience
  • 1-2 years of product security experience (preferably 1-2 years of development experience as well)
  • Hands-on experience in some of the following areas : threat modeling, dynamic and static analysis, attack surface analysis, software composition analysis, penetration testing, vulnerability remediation techniques, HTTP, XML, REST, C / C++, Java, Web Servers (Apache / IIS), Scripting languages (Javascript, Python, node.js, etc.)
  • Experience using Microsoft Office suite tools to create documents, presentations, and detailed drawings.
  • Technical writing, documentation, and communication skills are required.
  • Helpful Skills to Support the Responsibilities :

  • Experience in Secure Code Analysis
  • Static analysis, dynamic analysis, attack surface, and vulnerability tool experience
  • Strong technical understanding and aptitude for analytical problem-solving
  • Understanding of CVSS, CWE, OWASP, ASVS and SANS top 25
  • Knowledge of penetration testing methodologies or experience performing product penetration testing
  • Working knowledge of Crypto technologies and practices (PKI, Crypto libraries, TLS / SSL etc.)
  • Authentication and Authorization mechanics and protocols
  • Experience with Infrastructure as Code
  • Understanding of the system hardening processes, tools, guidelines and benchmarks.

  • Understanding of enterprise computing environments, distributed applications, and an understanding of TCP / IP networks
  • Comfortable working on both Linux-based and MS Windows-based system platforms
  • Understanding and experience in IH / IR
  • Secure system configuration and deployment of infrastructure
  • Career Development and benefits :

    This is what our candidates can expect from us if they choose to join our team :

  • Career development : Employee career development is one of Axway’s major company values; and we are deeply committed to helping them leverage the promotion and job mobility opportunities that are right for them.
  • An important training plan ( technical, product & functional ) in order to insure your integration and your performance
  • A competitive remuneration package and real benefits (private medical insurance and dental, gym access, meal tickets, Bookster, Safari, Amazon E-library, team-buildings, Christmas Party, fruit day etc)
  • A future and a potential for growth in an international company
  • A very friendly working environment with experienced professionals
  • Get challenged with important tasks so they can show their full potential and obtain new skills
  • Working time that can be flexible when needed
  • More paid vacation ( 25 days / year )
  • Remote work policy , hybrid model (60% remote work, 40% office work)
  • Open office space with various entertainment opportunities table tennis, sports and more!
  • In addition, Axway’s global presence creates opportunities for geographical mobility within Axway subsidiaries.

    Raportați această lucrare

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    Email-ul meu
    Făcând clic pe "Continuă", acord nevoo consimțământ de a procesa datele mele și de a-mi trimite alerte prin e-mail, așa cum este detaliat în policyApplicația de confidențialitate a lui neuvoo. Pot să-mi retrag consimțământul sau să mă dezabonez în orice moment.