Code Security Engineer​ | f/m/d

Your responsibilities

• performing secure code reviews for web, mobile, and backend applications
• identifying security vulnerabilities in line with OWASP Top 10, SANS, and CWE standards
• analyzing and reviewing code written in languages such as Java, JavaScript, Python, C/C++, SQL, Swift, or similar
• reviewing pull requests and CI/CD pipelines to detect and address security issues early
• validating and triaging SAST findings, reducing false positives and prioritizing real risks
• providing clear and actionable remediation guidance, including secure coding examples
• participating in threat modeling and identify design-level security risks
• collaborating with development, QA, and release teams throughout development cycles
• contributing to secure coding guidelines, standards, and best practices
• supporting audits, compliance, and security documentation
• tracking vulnerabilities through their lifecycle to ensure remediation
• preparing and communicate security findings and recommendations to stakeholders

Our requirements

• fluency in English
• experience performing secure code reviews and identifying application security vulnerabilities
• at least 2 years of experience in similar position
• strong understanding of OWASP Top 10 (Web & API) and common mitigation approaches
• knowledge of Secure SDLC and DevSecOps practices
• hands-on experience with SAST tools (e.g., Checkmarx, Fortify, SonarQube)
• familiarity with authentication, authorization, cryptography, and session management concepts
• ability to read and analyze code across multiple languages and technologies
• experience working with CI/CD pipelines and development workflows

Optional

• experience working with multiple programming languages across large systems
• hands-on experience in Agile environments (Scrum/Kanban)
• experience supporting audits or compliance processes
• exposure to security testing across large enterprise environments

About the role

What we offer

• Let's be healthy – medical package, sports card, and numerous sports sections – these are some of the benefits that help our employees stay in good shape.
• Let's be balanced – work-life balance is a key aspect of a healthy workplace. We offer our employees flexible working hours, a confidential employee assistant program, as well as the possibility of remote working. However, staying at home with our in-office gaming room and dog-friendly office in Warsaw won’t be easy.
• Let's be smart – we organize numerous workshops and training courses. Thanks to hackathons and meetups, our specialists share their expertise with others. Additionally, we have a wide range of digital learning platforms and language courses.
• Let's be responsible – each year, we participate in several CSR activities, during which, together with our colleagues, we do our best to create a better future.
• Let's be fun – company-wide bike races and soccer matches, film marathons in our cinema room or other engaging team-building activities – we got it covered!
• Let's be diverse – every team member is valued, regardless of gender, nationality, religious beliefs, disability, age, and sexual orientation or identity. Your qualifications, experience, and mindset are our greatest benefit!

Benefits

• sharing the costs of sports activities
• private medical care
• sharing the costs of foreign language classes
• sharing the costs of professional training & courses
• life insurance
• remote work opportunities
• integration events
• employee referral program
• charity initiatives

ERGO Technology & Services S.A.