Senior Application Security Engineer

Jamf is a company focused on Apple device management and software security, offering international projects and a modern office environment in Katowice, Poland.

• Minimum 6 years of experience in software development and application security.
• Minimum 5 years of experience in software and development security principles and controls.
• Minimum 2 years of experience in one or more programming languages.
• Minimum 2 years of experience in security assessment tools and techniques, particularly in software development processes.
• Familiarity with OWASP and/or other relevant security frameworks.
• Bachelor's Degree in Computer Science, Information Systems, Computer Engineering, or related field, or equivalent experience.
• Ability to lead through influence in software development.
• Strong communication, organizational, and analytical skills.
• Ability to communicate complex technical terms in an easy to understand, non-technical manner.
• Ability to interact effectively in a results-driven culture.
• Self-starter, energetic multi-tasker, highly motivated and team player.
• Effective project planning and time management skills.
• Ability to critically analyze issues and use good judgment.
• Trustworthy with sensitive information and access to systems containing sensitive data.

Nice to have:

• Minimum 2 years of experience with Apple device management.
• GIAC Security Essentials certification.
• CEH (Certified Ethical Hacker) certification.
• CISSP Certified Information Systems Security Professional.
• AWS Certified Security.

• Lead security reviews of current and new products and services to identify, prioritize, and communicate security issues and risks.
• Champion and continuously improve secure development lifecycle practices, including threat modeling and testing.
• Define and provide secure designs, requirements, and reference architectures, and review implementations for alignment.
• Collaborate with development, product, and infrastructure teams to investigate, troubleshoot, and resolve complex security issues.
• Design, develop, and roll out secure practices, processes, tools, and systems to scale product security.
• Own and maintain high-quality security documentation and reporting for technical and non-technical audiences.
• Proactively research emerging threats, risks, and attack vectors and translate them into improvements.
• Participate in and coordinate security incident response activities, including post-incident reviews and remediation planning.
• Automate routine tasks and scale application security processes, mentoring others on automation use and extension.
• Serve as a product security subject-matter expert, providing counsel and decision support.
• Mentor and coach Product Security Engineer I and II team members.
• Lead Product Security Champions guild to mentor developers in product security practices.
• Perform other duties and special projects as assigned.

This role is offered as hybrid with the expectation to be in the Katowice office once per 2 weeks. Applications are accepted only from candidates based in Poland with sponsorship to live and work in Poland.