Senior Application Security Engineer (Romania)

Infiterra Inc.

Job Overview

Location

Romania (Remote)

Job Type

Full-time

Full Job Description

📋 Description

• Senior Application Security Engineer at Infiterra Inc. plays a critical role in embedding security into the software development lifecycle to protect the company’s subscription commerce platform, ensuring that security is proactive, integrated, and continuous rather than reactive or siloed.
• This role directly contributes to safeguarding customer data, maintaining platform integrity, and supporting scalable growth by making security a shared responsibility across engineering teams.
• Day-to-day responsibilities include integrating security activities across all phases of the SDLC—from requirements and design through implementation, testing, deployment, and maintenance—working closely with product and engineering teams to ensure secure practices are consistently applied.
• The engineer will lead threat modeling sessions using frameworks like STRIDE for new and existing systems, identifying threats, attack vectors, misconfigurations, and flawed design patterns, then collaborating with engineers to enforce secure-by-design principles.
• Conducting security-focused code and architecture reviews is a core duty, involving the identification of vulnerabilities, provision of actionable guidance on secure coding, and assessment of system designs from a security standpoint to prevent flaws before they reach production.
• Performing both manual and automated web application security testing—covering injection flaws, authentication and authorization issues, access control gaps, insecure configurations, and logic flaws—is essential, alongside operating, tuning, and improving AppSec tooling such as SAST, DAST, SCA, secrets scanning, and dependency scanning.
• The role involves integrating and automating security checks within CI/CD pipelines, identifying tooling gaps, and recommending or implementing enhancements to strengthen the overall security automation framework.
• Supporting engineering teams during application security incidents or vulnerability disclosures is a key function, including triage, impact assessment, root cause analysis, and ensuring lessons learned are fed back into design, tooling, and processes to prevent recurrence.
• Enabling engineers through training, documentation, and hands-on guidance is vital; the engineer will create and maintain secure coding guidelines, checklists, and internal resources while acting as a trusted security partner who enables rather than blocks innovation.
• Working within a distributed, international engineering team headquartered in Thessaloniki, Greece, the role offers exposure to modern cloud-native architectures, APIs, and microservices, fostering collaboration across agile, product-driven teams.
• The position provides significant opportunities to grow expertise in application security program maturity, security metrics, and influencing organizational security culture through advocacy, education, and practical engineering integration.

🎯 Requirements

• Strong understanding of secure software development principles and experience applying them within modern SDLCs and agile workflows.
• Solid knowledge of common vulnerability classes, including OWASP Top 10 and CWE, with hands-on experience in web application security testing.
• Proven experience with application security tooling (SAST, DAST, SCA, secrets scanning, dependency scanning) and integrating these tools into CI/CD pipelines.
• Ability to assess risk pragmatically, prioritize remediation efforts, and collaborate effectively with product and engineering teams to drive secure-by-design outcomes.

🏖️ Benefits

• Fully remote work with a work-from-anywhere scheme, allowing flexibility to travel and work from various locations.
• Flexible working hours to support work-life balance and accommodate different time zones.
• Comprehensive health and life insurance program, plus a learning and development budget to support continuous skill growth.

Skills & Technologies

Senior

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Infiterra Inc.

Visit Website

About Infiterra Inc.

Infiterra Inc. is a technology company focused on developing and deploying advanced solutions for the energy sector. Their core offerings revolve around leveraging artificial intelligence and machine learning to optimize oil and gas exploration, production, and reservoir management. By analyzing vast datasets, Infiterra aims to enhance recovery rates, reduce operational costs, and improve safety and environmental performance for their clients. The company provides a suite of software tools and consulting services designed to integrate seamlessly with existing energy infrastructure. Their innovative approach helps energy companies make more informed decisions, mitigate risks, and maximize the value of their subsurface assets in an increasingly complex global market.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.