Middle Security Engineer

Middle

OWASP

Independently perform threat modeling, architecture reviews, and basic pentesting to identify risks, advise on secure design, and document actionable mitigation strategies for robust application security.

Middle Security Engineer

Middle Security Engineer

Middle

OWASP

We are looking for a Middle Security Engineer with hands-on experience in threat modeling and application security. The role involves working independently and closely with engineering teams to improve the security of real-world systems.

Responsibilities

  • Independently perform threat modeling for new and existing systems

  • Analyze application architecture and identify security risks

  • Define trust boundaries, attack surfaces, and data flows

  • Propose and justify practical mitigation strategies

  • Conduct application security reviews

  • Perform basic pentesting / manual security testing

  • Advise developers on secure design and implementation

  • Document risks, findings, and recommendations in a clear and actionable way

You will be successful in this role if you have:

  • At least 2 years of hands-on experience in software development and/or security engineering

  • Strong understanding of CIA triad, authentication vs authorization, access control concepts

  • Solid knowledge of OWASP Top 10

  • Practical experience with: web application security, API security

  • Good understanding of OAuth2 / JWT at a conceptual level common attack patterns

  • Hands-on experience with building threat models, using STRIDE or similar methodologies, documenting threats and mitigations

  • Ability to explain security risks to non-security teams

  • Experience with Pentesting - manual testing techniques, basic security tools

  • Understanding the limitations of automated security tooling

Nice to have:

  • Experience with SAST / DAST / SCA

  • Cloud security fundamentals

  • Experience working within SSDLC

  • Security certifications

What we offer:

  • Long-term career stability with a competitive salary paid in USD.

  • Conditions for steady career development.

  • Development supported by dedicated mentors and a variety of programs focused on expertise and innovation.

  • Private medical insurance provided after successful completion of the probationary period

  • A well-equipped and cozy office supports comfort and productivity across all project stages.

  • Welcoming atmosphere and a friendly corporate culture.

If you feel this opportunity resonates with you, apply now — we’re looking forward to getting to know you!

We are looking for a Middle Security Engineer with hands-on experience in threat modeling and application security. The role involves working independently and closely with engineering teams to improve the security of real-world systems.

Responsibilities

  • Independently perform threat modeling for new and existing systems

  • Analyze application architecture and identify security risks

  • Define trust boundaries, attack surfaces, and data flows

  • Propose and justify practical mitigation strategies

  • Conduct application security reviews

  • Perform basic pentesting / manual security testing

  • Advise developers on secure design and implementation

  • Document risks, findings, and recommendations in a clear and actionable way

You will be successful in this role if you have:

  • At least 2 years of hands-on experience in software development and/or security engineering

  • Strong understanding of CIA triad, authentication vs authorization, access control concepts

  • Solid knowledge of OWASP Top 10

  • Practical experience with: web application security, API security

  • Good understanding of OAuth2 / JWT at a conceptual level common attack patterns

  • Hands-on experience with building threat models, using STRIDE or similar methodologies, documenting threats and mitigations

  • Ability to explain security risks to non-security teams

  • Experience with Pentesting - manual testing techniques, basic security tools

  • Understanding the limitations of automated security tooling

Nice to have:

  • Experience with SAST / DAST / SCA

  • Cloud security fundamentals

  • Experience working within SSDLC

  • Security certifications

What we offer:

  • Long-term career stability with a competitive salary paid in USD.

  • Conditions for steady career development.

  • Development supported by dedicated mentors and a variety of programs focused on expertise and innovation.

  • Private medical insurance provided after successful completion of the probationary period

  • A well-equipped and cozy office supports comfort and productivity across all project stages.

  • Welcoming atmosphere and a friendly corporate culture.

If you feel this opportunity resonates with you, apply now — we’re looking forward to getting to know you!

Middle Security Engineer

Content

Middle

Independently perform threat modeling, architecture reviews, and basic pentesting to identify risks, advise on secure design, and document actionable mitigation strategies for robust application security.