Application Security Engineer

  • Level
    Experienced
  • Job Field
    IT, Security, Test/QA
  • Employment Type
    Full Time
  • Contract Type
    Permanent employment
  • Salary
    60.000 to 75.000€ Gross/Year
  • Location
    Vienna
  • Working Model
    Onsite
  • Job Summary

    In this role, you develop security controls for PHP and JavaScript web applications, conduct security reviews, and integrate security into CI/CD pipelines using GitHub while implementing AWS security solutions.

    Your role in the team

    • You design, implement, and continuously improve application security controls for a PHP and JavaScript (NodeJS, React, and NextJS) web application.
    • You embed security into the CI/CD pipeline using GitHub and GitHub Actions, from build to deployment.
    • You perform secure code reviews, threat modelling, and architecture reviews for new and existing features.
    • You analyse application traffic patterns to detect and mitigate malicious bots, scraping, and automated abuse.
    • You define application-aware bot protection controls using AWS WAF and Shield, including rate limiting, anomaly detection, and custom rules.
    • You validate bot mitigation effectiveness through testing, monitoring, and continuous improvement.
    • You define and operate Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and dependency-scanning tools, including policies for third-party and open-source components.
    • You help design and maintain automated security test suites for test environments and live systems (continuous validation).
    • You collaborate with Cloud Infrastructure teams to secure AWS workloads running on ECS (EC2 & Fargate), ALBs, Lambdas, and WAF.
    • You monitor, analyze, and respond to application-level security events using Security Hub, GuardDuty, CloudTrail, and WAF logs.
    • You lead vulnerability management for application and cloud services, including prioritization and remediation guidance.
    • You help shape kununu's application security policies, standards, and secure design patterns.
    • You support incident response and post-incident reviews with a strong application-security focus.
    • You contribute to compliance efforts (e.g., GDPR, ISO 27001) from an application-security perspective.

    Our expectations of you

    Qualifications

    • Solid understanding of web security fundamentals (OWASP Top 10, authentication, authorization, session management, input validation).
    • Strong understanding of secure design patterns and common anti-patterns in application security.
    • Familiarity with GitHub Actions and modern DevSecOps practices.
    • Comfortable scripting or automating security workflows (e.g., Bash, Python, or similar).
    • Strong communication skills and ability to work closely with developers and stakeholders.
    • Fluent in English (Portuguese is a plus).

    Experience

    • Strong experience in application security, ideally for PHP-based web applications.
    • Hands-on experience with AWS security services, especially:
      • Security Hub
      • GuardDuty
      • CloudTrail
      • AWS WAF & Shield
    • Experience securing containerized workloads on ECS (EC2 & Fargate) and understanding of ALBs and Lambdas.
    • Proven experience with SAST, DAST, and dependency-scanning tools (e.g., Snyk, Dependabot, Trivy, OWASP ZAP, Burp).
    • Experience in defining or maintaining automated security tests for CI/CD pipelines and runtime validation.

    Benefits

    Food & Drink

    Work-Life-Integration

    Health, Fitness & Fun

    More net

    Job Locations

    • Location Vienna

      Austria

    This is your employer

    kununu GmbH

    Wien

    kununu is the largest employer ratings platform in Europe, with over 1.5 million ratings of 300,000 companies. Employees, applicants and interns rate companies on kununu in categories such as work conditions, career opportunities and salary.

    Description

  • Founding year
    2007
  • Language
    English
  • Company Type
    Established Company
  • Working Model
    Full Remote, Hybrid, Onsite
  • Industry
    Recruitment Agency, Internet, IT, Telecommunication
  • Dev Reviews

    by devworkplaces.com

    Total

    (1 Review)
    2.0
    • Career Growth

      0.0
    • Culture

      0.0
    • Engineering

      2.0
    • Working Conditions

      0.0
    Diversity
    Open for all genders
