Lead Security Engineer
Hybrid in Ukraine
Security.Engineering
We are seeking a skilled and experienced Lead Security Engineer to drive the secure design, implementation, and evolution of a scalable, decoupled architecture that enables technological progress and supports new digital business initiatives.
This role will engage closely with development and platform teams, delivering impactful security solutions to safeguard applications and cloud-native systems.
Responsibilities
- Perform in-depth security reviews of application architectures, designs, APIs, and cloud-native solutions across products and services
- Conduct threat modeling exercises to identify risks early in the software development lifecycle
- Collaborate with development teams to integrate security controls into product features, APIs, and cloud environments
- Define and promote secure coding standards tailored to various languages and technology stacks
- Provide actionable guidance on mitigating OWASP Top 10, CWE Top 25, and other critical security risks in web, API, and cloud-native applications
- Support vulnerability management workflows, triaging findings from SAST, DAST, and SCA tools
- Strengthen DevSecOps pipelines by integrating security testing with SAST, DAST, secrets scanning, or container scanning
- Validate the security of hybrid cloud/on-premises architectures and SaaS integrations with platform and cloud engineering teams
- Contribute to the development of application security policies, secure architecture patterns, and baseline configurations
- Deliver training to engineering teams on secure design patterns, secure coding techniques, and common pitfalls
- Assist in incident response by analyzing product vulnerabilities and addressing application-level security incidents
Requirements
- 3-4 years of hands-on experience in application security, secure software development, or security engineering
- Strong technical expertise in securing cloud-native (AWS/Azure/GCP) and on-premises applications
- Competency in secure application design, architecture patterns, and web security protocols like HTTPS/TLS, CORS, and CSP
- Advanced knowledge of OWASP Top 10, CWE Top 25, and exploit mitigation techniques
- Proficiency in API security, including OAuth 2.0, OpenID Connect, and API Gateway protections
- Expertise in using SAST, DAST, and SCA tools, with experience guiding remediation based on results
- Skills in building or enhancing DevSecOps pipelines with GitLab CI, GitHub Actions, Jenkins, or similar tools
- Background in threat modeling and conducting security design reviews across application layers
- Familiarity with Identity and Access Management (IAM) best practices
- Experience with enterprise architecture principles and secure IT ecosystem integration
- Communication skills to translate technical risks for diverse audiences and mentor engineering teams
- Collaborative mindset, with a proven ability to work across globally distributed teams