🏢 Offshore Consulting Shops

Luxoft is an IT consulting and software engineering services firm that provides bespoke technology solutions to external clients, often operating as a staff augmentation or professional services provider.

This company was flagged and excluded from default search results. Proceed with caution.

Save Job
Posted 5d ago

Senior Application Security Engineer

@ Luxoft
Ukraine
RemoteFull Time
Responsibilities:modeling threats, securing pipelines, automating scanning
Requirements Summary:5+ years in application security with AI/ML security experience, strong secure coding and vulnerability management, cloud (AWS/Azure) and Python/Java proficiency, B2 English.
Technical Tools Mentioned:AWS, Azure, Python, Java, Amazon Bedrock, SageMaker, Spark, Microsoft Active Directory, Kubernetes, SAST, DAST, SCA, OWASP Top 10, SSL
Save
Mark Applied
Hide Job
Report & Hide
Job Description

Project description

One of the world's largest providers of products and services to the energy industry has a need to develop, support and integrate software system in Oil & Gas domain.
You will be a member of a cross functional team.
Key project stakeholders are open for innovative ideas.
Project is based on SCRUM methodology.
This is a great opportunity to work in an international team, apply and learn modern IT technologies

Responsibilities

  • Application Security with strong AI/ML security exposure
  • Threat modeling and risk assessment for AI systems, APIs, and cloud-native applications
  • Protection against prompt injection, adversarial ML, data poisoning, and model abuse
  • Secure SDLC and CI/CD integration, including MLOps pipelines
  • Hands-on experience with SAST, DAST, SCA, container scanning, and security automation
  • Strong collaboration with development and data science teams

Skills

Must have

  • 5+ years in Application Security, with at least 1-2 years focused on AI/ML security
  • Strong secure coding and vulnerability management background (OWASP Top 10)
  • Experience with cloud platforms (AWS and/or Azure)
  • Strong programming skills in Python or Java
  • Familiarity with AI platforms such as Amazon Bedrock, SageMaker, or Spark
  • Strong communication skills

Nice to have

  • Good knowledge of Microsoft Active Directory services
  • Firewall and security group administration practical experience.
  • Good understanding of AICPA SOC2 controls and processes.
  • Thorough knowledge of network security and protocols.
  • Knowledge of cryptography protocols and hands-on experience in SSL certificates generation.
  • Penetration testing hands-on experience in Azure and AWS cloud environments and Kubernetes clusters.
  • Web and desktop applications penetration testing hands-on experience.

Other

Languages: English: B2 Upper Intermediate

Seniority: Senior