Create Alert
Apply now »

Application Security Engineer

Location: 

Vilnius, LT

ABOUT US:

 

As a world leading provider of integrated solutions for the alternative investment industry, Alter Domus (meaning “The Other House” in Latin) is proud to be home to 90% of the top 30 asset managers in the private markets, and more than 6,000 professionals across 24 jurisdictions. 

 

With a deep understanding of what it takes to succeed in alternatives, we believe in being different - in what we do, in how we work and most importantly in how we enable and develop our people. Invest yourself in the alternative, and join an organization where you progress on merit, where you can speak openly with whoever you are speaking to, and where you will be supported along whichever path you choose to take. 

 

Find out more about life at Alter Domus at careers.alterdomus.com  

 

JOB DESCRIPTION:

 

Reporting to the Global Head of Security, the Application Security Engineer plays a crucial role in leading our Application Security program, ensuring the highest level of security for our Engineering teams. The ideal candidate must have empathy for developers and intimately know the tools and workflows they use daily, while understanding the importance of communication, documentation, and taking accountability. The incumbent is an engineer who prioritizes addressing security challenges through technology and automation with a history of enabling developers with actionable security guidance. The candidate has experience with security code review, threat modeling or security architecture reviews, and can identify vulnerability paths explaining how they could be exploited while familiar with options for mitigation.

 

Responsibilities

  • AppSec BAU activities as follows:
    • Review and monitor SAST/SCA/Secrets Findings Remediation against set SLAs for High, Critical, Medium findings.
    • Alert developers on open violations and manage exceptions and risk acceptance.
    • Continue to onboard new repos and projects in AppSec tool.
    • Reduce Mean-time-to-Response to established SLAs. 
  • Shift left” security efforts to build security into the software development lifecycle:
    • Conduct secure design reviews and threat modeling to identify and prioritize risks, attack surfaces, and vulnerabilities.
    • Partner with Platform DevOps to design secure-by-default architectures and workflows.
    • Work with Platform DevOps team to seamlessly embed inline security checks into CI/CD pipelines.
    • Assist with application security code reviews of source code changes and advise developers on remediating vulnerabilities following secure coding practices.
  • Perform periodic DAST scans for external-facing product sites.
  • Establish and track SLA governance to ensure security findings are identified, prioritized, and remediated.
  • Maintain application asset inventory.
  • Conduct regular Office Hours for continued developer adoption.
  • Lead the Security Champions Program to build security-minded culture amongst developers and IT Operations teams.
  • Act as a trusted advisor and partner for development and cross-functional project teams, providing actionable guidance to address security.
  • Help with training on secure coding practices, empowering teams to proactively prevent vulnerabilities.
  • Evaluate and implement security tools and automation solutions to enhance the security posture of applications and streamline security processes.

 

Your Profile

  • Bachelor’s degree in computer science, Information Security, or related professional experience.
  • 3+ years of hands-on experience in application security, including securing cloud-based and containerized environments.
  • Understanding of the concept of code to cloud security vs. pipeline security
  • Experience performing secure code reviews and interpreting SAST/SCA/DAST results.
  • Experience with modern development workflows, including CI/CD pipelines, using Azure Pipelines and GitHub Actions.
  • Strong knowledge of the OWASP Top 10 for web applications and APIs and how to apply the standard to minimize security risk.
  • Understanding of vulnerabilities and secure coding practices.
  • Hands-on experience with security tools like Snyk, Veracode, Burpsuite or similar.
  • Familiarity with cloud platforms (AWS, Azure) and containerization (Docker, Kubernetes).
  • Proficiency in programming languages like Python, Java, or C# is preferred.
  • Can proactively communicate blockers to team seniors or peers and collaborate effectively with team members to drive an outcome.
  • Possess empathy, collaboration skills, and a learning mindset to work cross-functionally with engineers of all levels to build security into the product life cycle.
  • Can distill complex security concepts into clear actions and drive consensus with clear communication paths.

 

WHAT WE OFFER:

 

We are committed to supporting your development, advancing your career, and providing benefits that matter to you. 

 

Our industry-leading Alter Domus Academy offers six learning zones for every stage of your career, with resources tailored to your ambitions and resources from LinkedIn Learning. 

 

Our global benefits also include:

  • Support for professional accreditations such as ACCA and study leave 
  • Flexible arrangements, generous holidays, plus an additional day off for your birthday!
  • Continuous mentoring along your career progression 
  • Active sports, events and social committees across our offices 
  • 24/7 support available from our Employee Assistance Program 
  • The opportunity to invest in our growth and success through our Employee Share Plan 
  • Plus additional local benefits depending on your location 

 

Salary range: We offer a gross monthly salary of 1800 to 3410 EUR. Final salary will be based on overall skills and experience.

 

Equity in every sense of the word:

We are in the business of equity, in every sense of the word. For us, this means taking action to ensure every colleague has equal opportunity, valuing every voice and experience across our organisation, maintaining an inclusive culture where you can bring your whole self to work, and making Alter Domus a workplace where everyone feels they belong. 

 

We celebrate our differences, and understand that our success relies on diverse perspectives and experiences, working towards shared goals and a common purpose. We take pride in creating a workplace where all our people are empowered to be truly invested in the alternative and bring their whole selves to work.

 

We are committed to ensuring a welcoming recruiting and onboarding process for everyone. Please contact our hiring team if you require any accommodations to make our recruitment process more accessible for you. 

 

(Alter Domus Privacy notice can be reviewed via Alter Domus webpage: https://alterdomus.com/privacy-notice/)

 

#LI-HYBRID #LI-DH1

Apply now »