Secure the future – from code to cloud

You see security not as a gate, but as a foundation. You understand the balance between protection and progress, and you make it work. Whether it’s securing cloud infrastructure or guiding secure development practices, you thrive in the space where software delivery meets smart, proactive security.

About the role

We’re looking for a Software Security Engineer ready to take ownership of Application Security (AppSec). You’ll work closely with our development and operations teams to secure our applications throughout their lifecycle.

We are looking for someone with a few years of experience in cloud security, primarily within Azure, but also Google Cloud Platform. You have hands-on experience with security tools such as Google Cloud Security Command Center and/or Microsoft Defender for Cloud.

You are a strong contributor when it comes to security-related tooling, such as SAST/DAST for CI/CD pipelines, application IAM, container security and more. You have a broad technical foundation and thrive in hands-on application development. As and when required, you would remediate reported Critical/High vulnerabilities and collaborate with developers to avoid similar vulnerabilities in future.

As a person, you are innovative and analytical, with strong problem-solving skills. You enjoy the variation of working closely with colleagues as well as driving your own work forward.

Your responsibilities

• Design and implement safeguards such as monitoring, application identity management and data protection
• Continuing implementation of SAST solutions across all applicable projects
• Support DevSecOps processes and collaborate with development and operations teams
• Contribute to secure developer tooling and CI/CD pipelines
• Conduct manual and automated web applications and mobile security tests (with non-malicious payloads).
• Identify and remediate security vulnerabilities, and manage vulnerability scans to:

• Identify new vulnerabilities

• Fix vulnerabilities as and when required

• Validate security vulnerabilities fixed (validate manually if required) by other developers

• Eliminate false positives

• Manage the 3^rd party app package vulnerabilities

• Act as a security ambassador within the organization, supporting colleagues on security-related matters
• Actively participate in security audits – internal, customer-driven, or related to sales processes
• Actively participate in security incidents and investigations
• Stay up to date with the evolving threat landscape and mitigate risks across our cloud platforms
• Facilitate security of internal tools and developer tools, ensuring a safe and streamlined engineering workflow
• Train developers on secure coding practices and tooling.

Preferred Qualifications / Experience (Meritorious)

• .NET (and .NET Framework)
• Angular / TypeScript
• CI/CD, Azure DevOps, Octopus Deploy, Git
• Package managers (NuGet, pip, npm, etc.)
• Hands on application design & development experience.
• Hands on experience in techniques to exploit OWASP Top 10 principles
• Hands on knowledge of SAST & DAST tooling (SonarQube, Burp Suite, Metasploit, Rapid7, etc.)
• Pen testing experience on Azure and/GCP

Relevant certifications are considered an advantage.

Why Centiro?

• Work with world-class brands while helping define the gold standard in cloud and application security.
• Shape the future of secure software delivery in a company that values curiosity, autonomy and shared success.
• Work alongside passionate and talented colleagues in a creative and stimulating environment.
• Enjoy the flexibility and agility of a fast-moving organization with short decision paths.
  
  

So. Don’t hesitate, linger, or let anything hold you back. Apply now 😉

Centiro is an award-winning Swedish tech company with more than 650 employees, founded in 1998. Our solutions enable and empower commerce for marquee brands and finer supply chains in 175+ countries. With our human-centric strategy, the company has ranked at the top 10 as a Great Place to Work® for 15 years. Offices in Sweden, India, US, Canada, Spain and the UK. Read more at centiro.com.