About the role

Are you ready to take on the challenge of protecting our company's assets and our customers' data? Do you enjoy an environment where every day brings new challenges? If so, we want YOU to join our team as an Application Security Engineer at h!g!

H!g is an international company which has been rapidly growing for the last couple of years. With this growth and closer cooperation within branches across Europe, the security area slowly becomes one of the main needs of the company. 

Security is currently maintained by an internal group of enthusiasts from other departments and after thorough consideration of current state and future requirements, we decided that security needs a leverage focus, thus we're gonna set up a dedicated team for it. 

The role of Application Security Engineer will be one of the first in our new security department. You will have a unique opportunity to secure the software development life cycle within the entire h!g environment and the ability to work with various development teams (30+ teams) from different countries while directly influencing the application security throughout the entire h!g. 

No challenge is too big for you as you fearlessly dive into identifying vulnerabilities in our applications and implementing robust security measures. Are you ready for it? This is not your average 9-to-5 job. You will be on the front lines, working closely with developers and security specialists to integrate security into every aspect of the software development lifecycle. Are you ready to show us what you're made of?

 

What will you do?

  • Identify attack vectors in Heureka's applications and provide remediation strategies
  • Perform security assessments, with and without source code access
  • Develop and maintain application security standards
  • Implement application security controls
  • Install, and configure application security testing tools and ensure their proper usage
  • Promote secure coding among teams
  • Provide penetration testing support
  • Help with secure system design and architecture
  • Research and stay up-to-date on the latest security threats and vulnerabilities
  • Assist the Information Security Manager with all application security tasks

 

Qualifications

  • The most important for this role is that you want to grow in the security area and help us with it in the whole development department
  • Experience in application security
  • Experience with static and dynamic analysis tools
  • Knowledge of secure coding practices and application security frameworks (e.g. OWASP ASVS)
  • Understanding of web application architecture
  • Basic development or scripting experience
  • Familiarity and ability to demonstrate common security flaws and ways to address them (e.g. OWASP Top 10)
  • English language written and spoken (B2 minimum)

 

What we're working with: 

  • Knowledge of GitLab, Containers, K8s,
  • Experience with working in GCP environment

 

And why you would love to be a Heurecian

  • Great company culture and open mindset
  • Opportunity to implement your own ideas
  • Beautiful offices in Prague-Karlín
  • Opportunity to learn a lot from the huge shared know-how we have in Heureka
  • Support you in improving your skills
  • Free working hours, working from home and a lot of other benefits, like multisport benefit card, extra days of vacation, cafeteria, meal vouchers, referral bonus etc.
  • And there's much more waiting for you here, you'll see for yourself

Heureka Group a.s.