Senior Application Security Engineer

Acronis is a world leader in cyber protection, delivering natively integrated solutions that monitor, control, and protect the data that businesses and lives depend on. Driven by our passion to protect every workload, we’ve built the industry’s only all-in-one cyber protection platform. We are looking for a Senior Application Security Engineer to join our mission of protecting the digital world.
In this role you will collaborate with security researchers and internal teams on responsible disclosure and identify vulnerabilities before they can be exploited. Working closely with development teams, you will improve development processes and practices to prevent entire classes of vulnerabilities from recurring. You will monitor attacks, investigate incidents, and coordinate effective responses. You will design and implement advanced detection and protection mechanisms for applications. You will drive secure SDLC adoption for custom application logic in enterprise systems.

WHAT YOU'LL DO

• Drive SSDLC adoption for custom application logic in enterprise systems.
• Validate and triage external security reports, including bug bounty submissions.
• Perform threat modeling to identify potential attack paths and define appropriate mitigations.
• Advise development teams on secure coding practices to reduce and prevent vulnerabilities.
• Perform vulnerability testing and analysis of applications and guide teams on effective remediation.
• Conduct security assessments of internally developed software components.
• Contribute to the development, improvement, and implementation of SSDLC processes.
• Lead post-mortem reviews of application security incidents and vulnerabilities.
• Act as an application security advisor to engineers, including training on secure development practices.

WHAT YOU BRING 

• Strong understanding of security models for Web/REST APIs, cloud, mobile, and desktop applications.
• Hands-on experience with security assessment tools and attack techniques; able to perform assessments beyond simple input injection.
• Experience performing code assessments in Go, Python, Rust, C/C++, and JavaScript. Basic programming skills in Go, Python, or similar languages are helpful.
• Knowledge of Salesforce security features and controls.
• Strong communication skills.
• 5+ years of experience in Application Security.
• Published security research, open-source tools, blog posts, or active participation in bug bounty programs are strong advantages.
• Interview preparation:
  • Explain the Same Origin Policy and discuss Cross-Site Scripting (XSS) contexts.
  • Describe an attack such as SQL Injection, XXE, SSRF, or others; suggest mitigations and discuss potential bypass techniques.
  • Explain how you would assess and secure custom application logic in a Salesforce.
  • Be prepared to review code for security vulnerabilities.
  • Share your favorite area of security and where you are most interested in learning more.

*Please submit your resume and application in English.

WHO WE ARE

Acronis is a global cyber protection company that provides natively integrated cybersecurity, data protection, and endpoint management for managed service providers (MSPs), small and medium businesses (SMBs), enterprise IT departments and home users. Our all-in-one solutions are highly efficient and designed to identify, prevent, detect, respond, remediate, and recover from modern cyberthreats with minimal downtime, ensuring data integrity and business continuity. We offer the most comprehensive security solution on the market for MSPs with our unique ability to meet the needs of diverse and distributed IT environments.

A Swiss company founded in Singapore in 2003, Acronis offers over twenty years of innovation with 15 offices worldwide and more than 1800 employees in 50+ countries. Acronis Cyber Protect is available in 26 languages in 150 countries and is used by over 20,000 service providers to protect over 750,000 businesses.

Our corporate culture is focused on making a positive impact on the lives of each employee and the communities we serve. Mutual trust, respect and belief that we can contribute to the world everyday are the cornerstones of our team. Each member of our “A-Team” plays an instrumental role in driving the success of our innovative and expanding business. We seek individuals who excel in dynamic, global environments and have a never give up attitude, contributing to our collective growth and impact.

Acronis is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, ancestry, color, marital status, national origin, physical or mental disability, medical condition, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, gender identity or expression, or any other characteristic protected by applicable laws, regulations and ordinances.

#LI-LD1