Senior Security Engineer (AppSec)
Booksy
Booksy is an online booking platform and salon management system for the beauty industry. We are one of the fastest-growing Polish companies and an international leader in the beauty industry. Our application is used by over 25 million customers!
Tech stack
Google Cloud Platform
Job description
A career at Booksy means you’re part of a global team focused on helping people around the world feel great about themselves, every day. From empowering entrepreneurs to build successful businesses, to supporting their customers to arrange 'me time' moments, we’re in the business of helping people thrive and feel fantastic.
Working in an ever-changing, scale-up where things are messy, and resources are limited isn't for everyone. If you thrive in a stable environment with big budgets, clear processes and structures then, if being honest, we’re probably not for you. However, if you love bringing order to chaos, inventively solving problems, and prioritising your own path within ambiguity, then you're likely to love it here.
The people you’ll like to work with and things you'll enjoy impacting:
As a Senior Security Engineer (AppSec) reporting to the Director of Enterprise Technology in our Security (Enterprise Technology) team, your purpose will be to ensure that the Booksy Application and its underlying infrastructure are designed securely, protected from attacks, and free from common vulnerabilities. You’ll work closely with product engineers to build security into our products and automate security-related activities, while also promoting security awareness throughout the company.
Essentially, to ensure you succeed in this role you’re going to need…
- Commercial experience in application security (risks, vulnerabilities, OWASP Top 10, mitigation techniques, penetration testing, etc.).
- Experience in software engineering, with the ability to introduce security improvements into applications.
- Good understanding of modern application security topics (OWASP ASVS/MASVS, SSDLC, DevSecOps).
- Experience with Cloud Security (GCP, K8s, AWS).
- Ability to collaborate across teams and communicate effectively with diverse stakeholders.
At a minimum we require conversational level English language skills. Why? English is our company language and is used for any business-wide communications, so we need you to be able to speak English to feel like an integrated part of Booksy.
It will also help you to have…
- Knowledge of modern architecture standards and their impact on security (microservices, IDP, OAuth, SAML, service mesh, etc.).
- Experience with web/mobile application engineering concepts (web servers, containers, SSL/TLS, WAF, Git).
- Familiarity with tools like Burpsuite, Semgrep, Lacework, and Nuclei.
Some of the benefits we offer are:
- Flexible working hours and fully remote opportunities within your country
- A holiday allowance of 26 days + public holidays
- Access to tools and resources that support professional development
- The opportunity to be part of something big – the world’s fastest-growing beauty marketplace
Our Diversity and Inclusion Commitment:
We work in a highly creative and diverse industry so it goes without saying that we strive to create an inclusive environment for all. We welcome people from all backgrounds and are committed to fair consideration in our hiring process. If you have any accessibility needs or require reasonable adjustments during the interview process, please contact us at belonging@booksy.com, so we can best support you.
Kindly submit your application and CV in English to ensure it is successfully reviewed.
B2B, Permanent
Check similar offers
