Senior Application Security Engineer

Tech Stack

APPLICATION SECURITY
SCRIPTING
SECURITY TESTING

Job Description

About ShiftKeyShiftKey is a platform that is disrupting the way healthcare facilities find licensed and certified professionals to fill available shifts.

Leveraging marketplace dynamics and deep industry knowledge, the company is playing a vital role in mitigating America’s healthcare staffing shortages, enabling direct connections between facilities and healthcare professionals.

By offering the opportunity to work as much or as little as they choose and putting the power back into the hands of healthcare workers, ShiftKey is bringing more licensed professionals back into the workforce, a solution that is solving a major crisis in healthcare.

For more information, visit www.ShiftKey.com.The roleWe're looking for a Senior Application Security Engineer to join our global Information Security team at ShiftKey.

In this role, you’ll get to work with cutting-edge technologies, enjoy a high degree of autonomy, and help shape the future of our application security program.

This position marks our second location in Poland, offering you a unique chance to collaborate with colleagues around the globe.You’ll work with technologies like Veracode (dynamic and static scanning), AWS Security Stack (WAF, Guard Duty, Shield, Security Hub), Kafka, Jira, and Burp Suite.Where you’ll workYou have to be located in Poland to be considered for this position.

You’ll have the flexibility to choose between remote work or working from our office in Warsaw.What you’ll be doingCollaborating with software development teams to define and implement security requirements during the design and architecture phases of application development.Defining and advocating secure coding practices and coding standards within development teams.Providing guidance and training to developers on secure coding principles and techniques.Automating security testing processes to seamlessly integrate security into the development lifecycle.Collaborating with incident response teams to respond to and manage application-related security incidents.Analyzing application vulnerabilities and offering expert guidance to development teams on effective remediation methods.What you’ll needMinimum of 5 years of experience in application security, secure application development, or related roles that contribute to a strong foundation in software development.Proficiency in at least one scripting language (Python or JavaScript); additional languages are a plus.Familiarity with application security frameworks (e.g., STRIDE, OWASP) and experience with development tools such as GIT.Hands-on experience with application security testing tools (e.g., SAST, DAST, IAST); experience with a combination of these tools is preferred.Strong analytical and problem-solving skills, with the ability to analyze complex security issues and articulate solutions clearly.Proven ability to collaborate effectively with cross-functional teams, including development, operations, and compliance, while promoting a culture of security awareness through training, documentation, and regular communication.Perks of working for ShiftKeyA high-growth, friendly, and engaging work environment with the potential for career development opportunities.Above standard paid time-off policy.Remote work option (we meet up once per quarter) or work in the office, whatever works for you!

Modern office, overlooking Vistula River with recreational facilities.Private Medical Care.Sport Card.Life Insurance.Latest work equipment.