Application/Product Security Engineer
Your responsibilities:
- Security Assessments: Conduct regular security assessments, including threat modeling, At-tack Surface Analysis, Critical Analysis.
- Security Architecture: Design and implement security architecture and controls for new and existing products.
- Code Review: Review source code for security vulnerabilities and provide actionable feedback to development teams.
- Secure Coding Practices: Educate and advocate for secure coding practices among development teams through workshops, training sessions, and documentation.
- Tool Implementation: Evaluate and implement application security tools (e.g., static and dynamic analysis tools) to automate security testing processes.
- Incident Response: Assist in incident response activities related to application security breaches, including root cause analysis and remediation strategies.
- Collaboration: Work closely with cross-functional teams, including software developers, DevOps, and IT security, to ensure security considerations are integrated into the development process.
- Monitoring and Reporting: Monitor application security metrics and provide regular reports to management on security posture and compliance.
We are looking for you, if you have:
- University degree in Computer Science or similar field
- Understanding of programming languages such as Java, C#, Python, or JavaScript.
- Strong understanding of application security principles and secure coding practices.
- Strong understanding of application security principles like network security, encryption, access management and their best practices
- Experience with security tools and processes such as SAST, DAST, SCA, and vulnerability scanners (e.g., SonarQube, OWASP ZAP, Nessus, Invicti)
- Knowledge of security frameworks (e.g., OWASP Top Ten, NIST, ISO 27001), cloud platforms (e.g., AWS, Azure, Google Cloud) and their security features
- Hands on experience with containerization and orchestration tools such as Docker and Kubernetes
- Fluency in English
- Certifications: Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or Offensive Security Certified Professional (OSCP) are a plus.
We offer:
- Participation in interesting and demanding projects
- Flexible working hours
- A great, non-corporate atmosphere
- Stable employment conditions (contract of employment or B2B contract)
- Opportunities for development and promotion
- Attractive package of benefits
- Remote work
We reserve the right to contact the selected candidates.
Why is it
worth joining TTMS?
Flexible working hours
Not everyone is comfortable operating a company during the standard 9 a.m. – 5 p.m. hours. We have been successfully running projects for many years despite diversified work patterns.
Possibility of remote work
At TTMS, desk-to-desk work is what drives us, but we understand if someone prefers a remote or hybrid model. We are equipped with all the necessary tools to perform either at home or in the office.
Great, non-corporate atmosphere
Professionalism, attention to the quality of work and a friendly, informal atmosphere are not mutually exclusive. A flat structure and natural, friendly relationships create the basis for creativity and innovation.
Interesting, international projects
We create solutions for medium and large companies, we are present in Poland, Malaysia, Denmark, the UK, Switzerland, and India – the effects of your work will travel around the world. In TTMS you have an influence on the company’s success.
Together towards climate neutrality
We select subcontractors to minimize the carbon footprint, organize bush plantings, save peat bogs – all to achieve climate neutrality in 2025. We are glad that we are attracting more and more people who also care about sustainable development and environmental protection.
Friendly offices
Our offices are modern spaces that inspire employees and are environmentally friendly. Białystok is the kingdom of Marvel superheroes, Krakow is a soothing tropical forest, Wrocław is an art gallery, and the Lublin branch is a rock “hall of fame”.
Would you like to work for us?
Sending CV
Include information about technical skills, knowledge of programming languages and IT tools, and possibly experience in projects.
Phone Screening
The interview is aimed at assessing the candidate’s suitability for the position and verifying basic information from the CV. It is also an opportunity to discuss the candidate’s expectations and briefly present the job description and working conditions.
HR + technical meeting
We talk about the candidate’s professional experience, but also expectations regarding the new job. This is also the moment to check references and confirm the authenticity of the information provided, which allows you to get to know the candidate better and assess his fit with the company’s organizational culture.
Client company meeting
The candidate is introduced to the client. This stage aims to match the future employee to a specific project, taking into account both their technical skills and design preferences, which maximizes the chances of successful cooperation.
Employment
We sign an agreement that includes the terms of cooperation, scope of duties, remuneration and other key aspects of employment, such as the rights and obligations of both parties. From now on, the candidate becomes an official employee of the company.
Onboarding + first day of work
A comprehensive process of familiarizing a new employee with the organization, team and tools, aimed at making it easier for him to join work as quickly and effectively as possible. In TTMS, we use an internal e-Learning platform to conduct modern onboarding.
Our offices
Warsaw
The heart of our company and our command center
The Management Board of the company and management of individual business areas function here. On a daily basis, it is here that the most important, strategic and business decisions are made, as well as pro-ecological iniciatives. The Warsaw branch – located in Varso Tower – aims to be the first to create a fully eco-friendly office using renewable Energy and environmentally friendly materials, which is confirmed by the BREEM certificate.