Code Security Engineer​ | f/m/d

Code Security Engineer​ | f/m/d

Miejsce pracy: Gdańsk

Your responsibilities

• performing secure code reviews for web, mobile, and backend applications
• identifying security vulnerabilities in line with OWASP Top 10, SANS, and CWE standards
• analyzing and reviewing code written in languages such as Java, JavaScript, Python, C/C++, SQL, Swift, or similar
• reviewing pull requests and CI/CD pipelines to detect and address security issues early
• validating and triaging SAST findings, reducing false positives and prioritizing real risks
• providing clear and actionable remediation guidance, including secure coding examples
• participating in threat modeling and identify design-level security risks
• collaborating with development, QA, and release teams throughout development cycles
• contributing to secure coding guidelines, standards, and best practices
• supporting audits, compliance, and security documentation
• tracking vulnerabilities through their lifecycle to ensure remediation
• preparing and communicate security findings and recommendations to stakeholders

Our requirements

• fluency in English
• experience performing secure code reviews and identifying application security vulnerabilities
• at least 2 years of experience in similar position
• strong understanding of OWASP Top 10 (Web & API) and common mitigation approaches
• knowledge of Secure SDLC and DevSecOps practices
• hands-on experience with SAST tools (e.g., Checkmarx, Fortify, SonarQube)
• familiarity with authentication, authorization, cryptography, and session management concepts
• ability to read and analyze code across multiple languages and technologies
• experience working with CI/CD pipelines and development workflows

Optional

• experience working with multiple programming languages across large systems
• hands-on experience in Agile environments (Scrum/Kanban)
• experience supporting audits or compliance processes
• exposure to security testing across large enterprise environments

What we offer

• Let's be healthy – medical package, sports card, and numerous sports sections – these are some of the benefits that help our employees stay in good shape.
• Let's be balanced – work-life balance is a key aspect of a healthy workplace. We offer our employees flexible working hours, a confidential employee assistant program, as well as the possibility of remote working. However, staying at home with our in-office gaming room and dog-friendly office in Warsaw won’t be easy.
• Let's be smart – we organize numerous workshops and training courses. Thanks to hackathons and meetups, our specialists share their expertise with others. Additionally, we have a wide range of digital learning platforms and language courses.
• Let's be responsible – each year, we participate in several CSR activities, during which, together with our colleagues, we do our best to create a better future.
• Let's be fun – company-wide bike races and soccer matches, film marathons in our cinema room or other engaging team-building activities – we got it covered!
• Let's be diverse – every team member is valued, regardless of gender, nationality, religious beliefs, disability, age, and sexual orientation or identity. Your qualifications, experience, and mindset are our greatest benefit!

Benefits

• sharing the costs of sports activities
• private medical care
• sharing the costs of foreign language classes
• sharing the costs of professional training & courses
• life insurance
• remote work opportunities
• integration events
• employee referral program
• charity initiatives

About the role

We are looking for a Code Security Engineer to join our Security Testing team and help ensure the security and quality of application code across our organization.

In this role, you will work closely with development teams, providing insights and guidance to improve secure coding practices while supporting the safe delivery of modern applications. You will play a key part in protecting our systems by identifying vulnerabilities and helping teams build secure-by-design solutions.

ERGO Technology & Services S.A.

ERGO Technology & Services S.A. (ET&S), a member of the Munich Re and ERGO Group, is delivering integrated IT and business services to international markets. Our expertise lies in providing advanced IT services, with a focus on modern, business-driven technology solutions. On the business side, we also support the Group in various end-to-end insurance processes, including finance, operations, and underwriting. With offices in Warsaw and Gdansk, and strong global partnerships, we foster a dynamic, multicultural environment that promotes diversity and international opportunities.

Wszystkie informacje o przetwarzaniu danych osobowych w tej rekrutacji znajdziesz w formularzu aplikacyjnym, po kliknięciu w przycisk "Aplikuj Teraz".