Application Security Engineer

Posted:
7/29/2024, 11:06:42 PM

Location(s):
Sofia City Province, Bulgaria ⋅ Sofia, Sofia City Province, Bulgaria ⋅ Varna, Bulgaria ⋅ Varna, Varna, Bulgaria

Experience Level(s):
Junior ⋅ Mid Level ⋅ Senior

Field(s):
DevOps & Infrastructure ⋅ IT & Security ⋅ Software Engineering

Workplace Type:
Hybrid

Job Description:

About DXC Bulgaria  

We are DXC - a Fortune 500 global IT services leader. In Bulgaria, we are among the largest employers with over 4,000 employees working on the company's entire IT portfolio. We are flexible - we provide everything you need to comfortably work from home, but we also keep our offices open for collaboration, meetings, and building a strong team spirit. We tailor everyone’s development path to their individual interests through training and additional certifications.

Our experience and desire to grow, our mission, and our values ​​create an environment where ambitious people become successful at home. At home - in Bulgaria.

Main responsibility of the position holder is to help clients and internal DXC teams with security of their applications and guide them into adoption of security into DevOps. The Application Security Engineer should feel comfortable to act as a consultant and engineer depending on the customer requirements. 

Daily challenges

  • Perform application threat analyze (both manually and automatically)

  • Influence clients’ apps and architecture towards best security practices 

  • Guide and implement DevSecOps tools (SAST, DAST, SCA and etc) for clients

  • Perform security code reviews (manually) or to assist with identify of false findings

  • Take part in penetration testing activities

  • Keep up-to date knowledge for security market and potential threats

  • Build of security capabilities to protect the DXC core platform and DXC managed systems.

  • Create supporting documentation as needed.

  • Develop and maintain CI/CD to automate tasks, targeting zero ops support model.

eXperience and skills required

  • Knowledge/experience in the areas of software development or QA, DevOps, operating systems, databases, and clouds

  • Knowledge in information security – understanding of security principles

  • Ability to write down simple scripts and read source code 

  • Experience with Kubernetes, Docker, GitHub, Jenkins

  • Proactiveness and willingness to share opinion and participate in team decisions

Advantages: 

  • Knowledge/experience with AWS/Azure Cloud technologies, services, and concepts

  • Knowledge/experience with Terraform, Aqua, IaC (Infrastructure as Code)

  • Experience working in Agile team with Kanban methodology – Jira and Confluence

  • Architectural experience

  • Programming background

  • Penetration testing exposure

  • Security related certificate(s) like (OSCP, OSWE, CISSP, CSSLP)

Company benefits

  • Competitive remuneration package

  • Additional Medical & Life insurance

  • 4 days additional paid leave (total: 24 days)

  • The possibility to work entirely remotely

  • Food vouchers

  • Training, continuous learning and career development in the largest IT company on the market

  • Unlimited access courses from a bunch of external partners for the best learner's experience (e.g., LinkedIn Learning, Udemy)

  • Access to a foreign language learning platform

  • Stable employment in an international company

  • Advancement opportunities within the organization (a variety of interesting projects with the array of technologies and tools)

  • Flexibility in work arrangement (hybrid or fully remote work, the home office culture is in our DNA)

  • Workplace equipment to organize your home office (e.g., chair, desk, additional monitor, headset etc.)

  • DXC Partner courses and certifications (Microsoft, SAP, ServiceNow, AWS, Google, Dell Technologies, IBM, Micro Focus, Salesforce, Red Hat, VMware, Workday)

  • Employee Referral Program - a financial bonus for the referrer for successful candidate recommendation

  • Employee Recognition Program with points assigned by colleagues for the recognized employees (exchangeable for prizes)

  • Employee Assistance Program (providing 24/7 support for employees and their families in difficult life situations)

  • Opportunity to join our numerous charity and ecology-related events organized by our Employee Ambassadors team


We Deliver eXcellence for our Customers and colleagues every day. Our values form the foundation of everything we do and every decision we make.

If you feel comfortable with the above-mentioned requirements, please send us your CV in English. At DXC our employees’ safety and well-being remain a key priority for us. Therefore, we continue with stay-at-home recruiting and video interviewing for the foreseeable future.

Please note only shortlisted candidates will be contacted.

Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers typically through online services, such as false websites, or through unsolicited emails claiming to be from the company. These emails may request recipients to provide personal information or to make payments as part of their illegitimate recruiting process. DXC does not make offers of employment via social media networks and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor ask a job seeker to purchase IT or other equipment on our behalf. More information on employment scams is available here.