(Senior) Application Security Engineer — Sygnum Bank
CHF 121'500 - 206'500
Sygnum Bank · Zurich (ZH)
- Location: Zurich
- Contract: full-time
- Published: 194 days ago
- Salary: CHF 121'500 - 206'500
Role overview
This is a hands-on technical role for someone who can operate deeply across modern application security disciplines and cloud-native environments.
You will contribute to application security across our platform, covering web, mobile, APIs, backend services, and cloud infrastructure, by embedding security into engineering processes, CI/CD pipelines, and runtime environments.
Your main responsibilities include
- Integrate and improve security controls within CI/CD pipelines including SAST, DAST, SCA, and IaC scanning to strengthen DevSecOps practices.
- Configure, operate, and optimise application security tooling, ensuring findings are actionable and integrated into engineering workflows.
- Partner with engineering, platform, and product teams to design and implement secure-by-design architectures, perform threat modelling and promote secure development practices.
- Evaluate open-source dependencies and contribute to software supply chain security initiatives.
- Assess and secure AI-enabled applications and services, including AI/LLM integrations, AI supply chain risks, model security controls, and secure deployment patterns.
- Review and harden Infrastructure-as-Code implementations to enable secure cloud deployment patterns and reusable guardrails.
- Assess the security design of smart contracts, blockchain integrations, and third-party Web3 services.
- Partner with SOC and engineering teams to improve detection, alerting, and response capabilities for application-layer threats.
Further details
- Relevant education, certifications, or equivalent practical experience.
- Sygnum offers a comprehensive package of benefits for all team members.
Notes and original content
- Bonus points for:
- They include:
- Attractive combination of market salaries and entrepreneurial incentive scheme
- Flexible/Work at home policies