ESG News

ESG News operates as a pioneering ESG media platform in Bulgaria, providing comprehensive news and insights on sustainability, ESG investing, events, and policy developments.

Internet Software & Services

Information Technology

11-50 (15)

Founded 2022

3 open positions

Links

View All Jobs

Senior Cyber Engineer

1 month, 2 weeks ago

United Kingdom

Full-time

Senior

Application Security Engineer

DevOps and Infrastructure

Agile AWS CI/CD CloudFormation GitHub Python Scrum SIEM Splunk Terraform

Apply Now

ESG News

ESG News operates as a pioneering ESG media platform in Bulgaria, providing comprehensive news and insights on sustainability, ESG investing, events, and policy developments.

Internet Software & Services

11-50

Founded 2022

View All Jobs 3

Description

Tune and evolve application security guardrails such as SAST, software composition analysis, secret scanning, and related controls to reduce noise and improve actionability.
Improve cloud and infrastructure-as-code security guardrails across AWS environments and CI/CD workflows.
Drive vulnerability management across application vulnerabilities, dependency risks, bug bounty findings, penetration test findings, and third-party advisories.
Help teams identify, own, prioritize, and remediate cloud misconfigurations using pragmatic, developer-friendly workflows.
Run lightweight, practical threat-modelling sessions for new products, features, services, and architectural changes.
Build scripts, integrations, dashboards, and other automation that reduce manual effort and improve visibility into security risk.
Provide security input into application and cloud design reviews, AWS architecture decisions, and larger technical changes.
Partner closely with product, platform, and engineering teams to embed security into design, delivery, and operations.
Support incident response and feed lessons learned back into patterns, tooling, and guidance.
Mentor security engineers and coach engineering teams; may include line management of one or two security engineers.

Requirements

Practical experience across both application security and cloud security, ideally with a balanced focus across both.
Hands-on AWS security experience, including common misconfiguration patterns and remediation approaches.
Experience improving vulnerability management across engineering teams, including prioritization, ownership, remediation tracking, and noise reduction.
Experience improving cloud or IaC misconfiguration management at scale in a developer-friendly way.
Experience integrating, tuning, or improving security tooling in CI/CD workflows such as SAST, software composition analysis, secret scanning, or IaC scanning.
Experience running practical threat-modelling sessions that influence design, delivery, or remediation decisions.
Ability to write scripts or small tools, ideally in Python, to automate security workflows or improve visibility.
Strong communication and collaboration skills with the ability to influence engineers and technical leaders without gatekeeping.
Evidence of improving application security, cloud security, or vulnerability management practices in a real engineering environment.
Familiarity with Agile or Scrum ways of working.
Experience leveraging AI for AppSec and CloudSec, which is desirable but not essential.
AWS Certified Security – Specialty or equivalent practical AWS security experience.
Terraform or CloudFormation expertise is desirable.
Incident-management or incident-response experience is desirable.
Experience with Splunk or similar logging/SIEM platforms is desirable.
Experience with security metrics, dashboards, or reporting that helped drive measurable risk reduction is desirable.
Experience mentoring or line-managing security engineers is desirable.

Benefits

A warm, collaborative culture with support for your growth, career aspirations, and wellbeing.
The opportunity to reach millions and create work that matters at a globally recognized news organization.
A commitment to diversity, equity, and inclusion, including efforts to remove barriers for underrepresented groups.
Reasonable adjustments and personalization during the application and interview process for candidates with disabilities.
Support from a disability confident employer and Valuable 500 signatory.
Flexibility to use AI tools to assist with the application process, provided all information is authentic and accurate.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Senior Configuration Engineer, Product AppSec

Veeam Software 1K-5K Internet Software & Services

Veeam is hiring a Senior Configuration Engineer to lead enterprise release management and delivery automation across cloud-native, SaaS, and AI product environments.

United States Full-time Senior Application Security Engineer DevOps Engineer

$147k-$377k

Ansible Azure Bash CI/CD DevSecOps Docker GitOps Jenkins Kubernetes PowerShell Python Secrets Management Terraform

16 hours, 1 minute ago

Apply

16 hours, 1 minute ago

Staff DevSecOps Engineer

Redox 51-250 Internet Software & Services

Redox is hiring a Staff DevSecOps Engineer to strengthen the security and reliability of its AWS/EKS platform for secure healthcare data exchange.

United States Full-time Lead DevOps Engineer Security Engineer

$190k-$199k

Argo CD AWS CI/CD DevSecOps Docker GitHub Actions Go Grafana Helm InfluxDB Kafka Kubernetes Node.js PostgreSQL Prometheus Python Redis Secrets Management Terraform TypeScript

16 hours, 31 minutes ago

Apply

16 hours, 31 minutes ago

Senior Cyber-Security Operations Analyst, Product AppSec

Veeam Software 1K-5K Internet Software & Services

Veeam is hiring a Senior Cyber Security Operations Analyst to help design and scale secure Azure-based development and QA environments while improving CI/CD delivery and integrating security across the software lifecycle.