This is us

At Avenga, we believe that human creativity empowers technology that matters. Operating globally, our 6000+ specialists provide a full spectrum of services, including business and tech advisory, enterprise solutions, CX, UX and Ul design, managed services, product development, and software development.

This is the job

In Bulgaria and Egypt within the lottery industry, we are actively seeking a professional to strengthen our team.

This is you

• Computer Science Degree or equivalent (BSc or higher)
  
• 2+ years in enterprise software development or engineering with 2 years of experience in an application security-focused role is required
  
• In-depth knowledge of web application security and secure coding practices. Basic knowledge of network security, cloud security and cryptography
  
• Experience with at least one JVM language (e.g. Java) and one more programming language (e.g. JavaScript, NodeJS, Python) as well as related frameworks such as Spring or J2EE
  
• Experience in mobile application development or security.
  
• Understanding of web, mobile and cloud applications and architectures, relational and non-relational databases, and containerization
  
• Experience with at least one DAST, SAST and SCA security scanning tools configuration or automation
  
• Experience with security reports reviews produced by security scanning tools.
  
• Knowledge of application security frameworks such as OWASP, ASVS
  
• Knowledge of Unix based OS or/and scripting (e.g. Bash, Shell)
  
• Excellent communication skills in English (written and verbal)
  
• Ability to lead online meetings
  
• Organize and prioritize work effectively, able to adjust in a changing environment
  
• A desire to learn new skills and develop your existing skillset
  
• Ability to give and receive constructive feedback in a positive/professional manner
  
• Enjoy working collaboratively
• Mentoring and coaching of junior members of the team

Nice-to-have skills:

• Experience with any of Checkmarx products or GitHub automation
  
• Experience leading triaging calls and process
  
• Good experience with DAST or API scanning tooling and automation
  
• Any threat modelling skills
  
• Some knowledge of AWS would be a plus, but is not required
  
• Familiarity with Jira, Confluence and Assets

This is your role

• Triage vulnerabilities and review security reports coming from application security tools and pen-tests.
  
• Lead triaging sessions to determine the impact and risk associated with identified vulnerabilities, develop and supervise remediation actions.
  
• Consult with the different teams to build security into their platforms and projects as an SME.
  
• Collaborate with development teams to incorporate security into the software development lifecycle through the implementation of secure coding practices and timely addressing of application security vulnerabilities by prioritizing them.
  
• Conduct/help with security reviews of code to improve the overall security of our applications.
  
• Contribute in the implementation and automation of new application security products.
  
• Support, develop and continually improve security automation and orchestration capabilities.
  
• Create, update and maintain security documentation, tools and integrations that automate or advance team's security objectives.
  
• Act as an evangelist by promoting security awareness, and staying up-to-date on current development methodologies.
  
• Supporting and enhancing vulnerability management strategy to identify, assess and priorities software vulnerabilities across the organization.
  
• Update and maintain an accurate inventory of all applications, pipelines, integrations, and other application security assets.
  

What awaits you at Avenga?

Through our values, Better Minds, Bolder Ideas and Bigger Hearts, we strive to provide you with the tools, the autonomy, the trust, and assistance you need to excel. Enjoy benefits like private health insurance, well-being programs, flexible and hybrid work models, laptops and gear, trainings, language classes, social events, great offices, and more.

We take pride in the diverse skills and character of our teams, welcoming everyone to apply and contribute to our collective strength.