Must have

• Security

• GitHub

• GitHub Actions

• GitLab

• Jenkins

• DAST

• Burp Suite

• Linux

• SDLC

• Microservices

• English (B2)

Requirements description

• 6–10 years of experience in Application Security or Secure Software Development.
• Proven experience leading application security programs in a CI/CD-heavy engineering environment.
• Deep expertise in securing cloud-native applications, and integrating AppSec tools such as Semgrep, Mend, GitHub Advanced Security, HCL AppScan, or equivalent.
• Hands-on experience with CI/CD integrations using GitHub Actions, GitLab CI, Jenkins, or similar.
• Strong communication and influencing skills; able to drive security adoption across diverse teams.
• Knowledge of DAST tools (e.g., Tenable Web App Scanning) and Pentest methodologies (Burp Suite, Kali Linux).
• Experience with security in modern SDLC environments using containers, microservices, and APIs.
• IAST experience is a plus.

Offer description

ITMAGINATION helps its Clients by becoming a true extension of their software and data development capabilities. Through the readily set up, comprehensive, and self-governing teams, we let our Clients focus on their business while we make sure that their software products and data tools scale up accordingly and with outstanding quality.

We are looking for experienced team players to fill the Lead Application Security Engineer position and participate in our up-and-coming project for our client from the gaming industry. You can expect:

• Leading the application security program, including tool selection, policy enforcement, developer engagement, and risk reporting.
• Partnering with product teams to embed secure coding practices, review threat models, and triage high-impact vulnerabilities.