Job Details

AppSec engineer with a salary up to 350,000 net. Remote/hybrid, full-time. Employment under the Labor Code. Implementation and development of Secure SDLC, configuration of SAST/DAST/SCA, participation in architecture design.

We are the unified data operator for the entire Moscow Transport Complex. Our goal is to create smart and convenient digital products that make the urban environment safer and more comfortable for passengers and drivers. Over 350 strong professionals work in our center, passionate about technology and data. What you will do: - Implement and develop Secure SDLC - Configure SAST / DAST / SCA and integrate them into CI/CD - Participate in architecture design (security-by-design) - Write security requirements for new services - Analyze vulnerabilities and monitor their closure - Assign tasks to development and ensure their resolution - Conduct threat modeling - Create regulations and instructions - Train developers: reviews, consultations - Interact with DevOps on security integration into CI/CD

Experienced AppSec engineer with 3+ years of experience, who can implement processes, not just find vulnerabilities. What you need: 3+ years of experience in AppSec / secure development. Knowledge of Secure SDLC, OWASP Top 10. Practical experience with SAST / DAST / SCA. Understanding of CI/CD, web application and API architecture. Experience in code analysis and threat modeling. Ability to speak the developers' language.

Remote/hybrid Employment: full-time, 5/2 schedule Employment under the Labor Code