Application Security Engineer - €100K + bonus

PLEASE READ Remote heavy role requiring the individual to go to Serbia once every 3 months for a few days - all expenses covered/ paid for****

A large gaming/ gambling firm in the

Balkans

(Serbia etc) are looking for an Application Security Engineer with Java to work remotely out of a Balkans country paying €80-100,000 plus bonus.

My client require a

security-focused software engineer

who can

spot and fix vulnerabilities, guide developers on safe coding, and ensure applications stay secure

throughout their lifecycle — essentially, someone who acts as the “bodyguard” for the company’s software.

This role is for a tech professional who makes sure

software applications are secure from hackers and vulnerabilities

. You’ll be responsible for protecting both web and mobile apps throughout their development and deployment.

Key responsibilities :

• Build security into apps from the start:

Guide developers on safe coding practices, especially for Java-based systems and microservices.

• Scan and test for security problems:

Use automated tools (SAST/DAST) and manual methods to find weaknesses in code and apps.

• Penetration testing:

Try to “hack” the apps in a controlled way to uncover vulnerabilities before bad actors do.

• Monitor and fix vulnerabilities:

Keep an eye on new threats, outdated software, or weak dependencies and ensure they’re addressed quickly.

• Collaborate with teams:

Work closely with developers, DevOps, and others to improve overall security.

• Stay up to date:

Track the latest security threats, software versions, and best practices, recommending updates and fixes.

• Support secure deployment:

Ensure apps remain secure whether running in the cloud or on company servers.

• Participate in reviews:

Be involved in code reviews, risk assessments, and planning to spot security risks early.

Who they’re looking for:

• MUST be able to get to Belgrade, Serbia for a few days every 3 months. Flights and accommodation are paid for!
• Education:

Degree in Computer Science, Electrical Engineering, or similar.

• Experience:

At least

5 years in application security, DevSecOps, or related areas

.

• Tech skills:
• Strong

Java

skills and experience with frameworks like Spring/Spring Boot.

• Hands-on with

security testing tools

and CI/CD integration.

• Knowledge of

web and mobile security threats

(OWASP Top 10, SANS Top 25).

• Familiar with

HTTP/HTTPS, authentication, and secure API design

.

• Programming/scripting skills in Python, JavaScript, or Shell.
• Mindset \& soft skills:

Honest, accountable, constantly learning, and able to communicate well in English.

• Bonus:

Security certifications like OSCP, OSWE, OSCE, or GPEN.