Senior Security Engineer

Summary

Join Booksy's global team and help people feel great about themselves. As a Senior Security Engineer (AppSec), you will ensure the Booksy Application and its infrastructure are secure, protected, and free from vulnerabilities. You will collaborate with product engineers, build security into products, automate security activities, and promote security awareness. This role requires commercial experience in application security, software engineering, and a good understanding of modern application security topics. The position is fully remote and offers various benefits, including company-subsidized private medical care, a multisport card, additional life insurance, online consultations with a psychologist, wellbeing tools, and happiness team initiatives. Fluency in English is required for company-wide communication. The company is committed to creating an inclusive environment for all.

Requirements

• Commercial experience in application security (risks, vulnerabilities, OWASP Top 10, mitigation techniques, penetration testing, etc.)
• Experience in software engineering, with the ability to introduce security improvements into applications
• Good understanding of modern application security topics (OWASP ASVS/MASVS, SSDLC, DevSecOps)
• Experience with Cloud Security (GCP, K8s, AWS)
• Ability to collaborate across teams and communicate effectively with diverse stakeholders
• At a minimum we require conversational level English language skills

Responsibilities

• Ensure that the Booksy Application and its underlying infrastructure are designed securely, protected from attacks, and free from common vulnerabilities
• Work closely with product engineers to build security into our products and automate security-related activities
• Promote security awareness throughout the company

Preferred Qualifications

• Knowledge of modern architecture standards and their impact on security (microservices, IDP, OAuth, SAML, service mesh, etc.)
• Experience with web/mobile application engineering concepts (web servers, containers, SSL/TLS, WAF, Git)
• Familiarity with tools like Burpsuite, Semgrep, Lacework, and Nuclei

Benefits

• Private medical care through Allianz Health (company-subsidized, with various packages to choose from)
• Multisport card (multiple options available)
• Additional life insurance from PZU
• Online consultations with a Booksy Psychologist
• Wellbeing tools (Worksmile and Officevibe)
• Happiness Team initiatives