Кариери

General duties

• Participate in ensuring application security throughout the full lifecycle of applications — from requirements and design to deployment and maintenance;
• Perform security reviews and assessments of internally developed and implemented applications;
• Analyse source code and identify weaknesses, vulnerabilities, and security-related risks;
• Participate in defining and implementing secure software development requirements;
• Support development teams in adopting secure coding practices;
• Perform or coordinate static and dynamic code analysis, security testing, and application security assessments;
• Participate in penetration testing of applications before release into the production environment;
• Identify, document, classify, and track vulnerabilities through to remediation;
• Prepare remediation recommendations and advise development teams on secure implementation approaches;
• Work closely with Development, Architecture, Infrastructure, DevOps, and Information Security teams to improve the overall security posture of applications;
• Participate in the assessment of architectural solutions, integrations, API communications, authentication mechanisms, and access management controls;
• Support the implementation and continuous improvement of application security processes, standards, and tools;
• Prepare expert opinions, analyses, reports, and documentation related to application security. 

Requirements

• Degree in IT, Cybersecurity, Computer Science, Software Engineering, or a related field.
• 3+ years of experience in application security, secure development, code review, penetration testing, or similar roles.
• Hands-on experience with application security assessments, code review, and secure coding practices.
• Good understanding of application vulnerabilities, secure SDLC, APIs, authentication, access control, and data protection.
• Experience with SAST, DAST, SCA, penetration testing, and threat modeling.
• Familiarity with DevSecOps, CI/CD pipelines, automation tools, and security testing platforms.
• Knowledge of OWASP Top 10, OWASP ASVS, OWASP SAMM, and secure coding standards.
• Understanding of operating systems, databases, networks, servers, and infrastructure dependencies.
• Strong analytical, communication, and organisational skills with the ability to manage multiple priorities.
• Very good written and spoken English.

Nice to have:

• Experience in banking or other regulated environments.
• Experience securing web, mobile, cloud, and API-based applications.
• Relevant security certifications and knowledge of modern frameworks and architectures.

DSK Bank offers

• Excellent opportunities for professional and career development in one of Bulgaria’s leading banks
• Food vouchers in the amount of up to 102.26 EUR per month
• 20+5 paid holiday leave
• Additional Health Insurance
• Annual bonus scheme depending on the achieved results
• Favorable conditions for housing and mortgage lending, as well as for bank products and services
• Preferential conditions for Multisport / CoolFit card
• Discounts in various companies
• Professional trainings for specific knowledge and skills
• Refer a Friend Bonus

• A key expert role with real impact on application security across the organisation;
• Work on meaningful technology and cybersecurity topics with high added value;
• Opportunity for professional growth in the areas of application security, secure development, and penetration testing;
• Work in an environment with high standards, complex systems, and real challenges.

If this position sounds like the right fit for you, we’d love to receive your application. All applications will be treated with strict confidentiality. Only shortlisted candidates will be contacted.

Documents for application

CV