Java Application Security Engineer - Balkans, Europe

PLEASE READ

• YOU MUST BE LOCATED IN A BALKANS COUNTRY (Incl Serbia, Bosnia, Albania, Macedonia)
• €80-100,000 SALARY
• GAMING/ GAMBLING SECTOR
• SECURITY/ DEVSECOPS/ JAVA

A large gaming/ gambling firm in the Balkans (Serbia etc) are looking for an Application Security Engineer with Java to work remotely out of a Balkans country paying €80-100,000 plus bonus.

My client require a security-focused software engineer who can spot and fix vulnerabilities, guide developers on safe coding, and ensure applications stay secure throughout their lifecycle — essentially, someone who acts as the “bodyguard” for the company’s software.

This role is for a tech professional who makes sure software applications are secure from hackers and vulnerabilities. You’ll be responsible for protecting both web and mobile apps throughout their development and deployment.

Key responsibilities :

• Build security into apps from the start: Guide developers on safe coding practices, especially for Java-based systems and microservices.
• Scan and test for security problems: Use automated tools (SAST/DAST) and manual methods to find weaknesses in code and apps.
• Penetration testing: Try to “hack” the apps in a controlled way to uncover vulnerabilities before bad actors do.
• Monitor and fix vulnerabilities: Keep an eye on new threats, outdated software, or weak dependencies and ensure they’re addressed quickly.
• Collaborate with teams: Work closely with developers, DevOps, and others to improve overall security.
• Stay up to date: Track the latest security threats, software versions, and best practices, recommending updates and fixes.
• Support secure deployment: Ensure apps remain secure whether running in the cloud or on company servers.
• Participate in reviews: Be involved in code reviews, risk assessments, and planning to spot security risks early.

Who they’re looking for (candidate profile, simplified):

• Education: Degree in Computer Science, Electrical Engineering, or similar.
• Experience: At least 5 years in application security, DevSecOps, or related areas.
• Tech skills:
• Strong Java skills and experience with frameworks like Spring/Spring Boot.
• Hands-on with security testing tools and CI/CD integration.
• Knowledge of web and mobile security threats (OWASP Top 10, SANS Top 25).
• Familiar with HTTP/HTTPS, authentication, and secure API design.
• Programming/scripting skills in Python, JavaScript, or Shell.
• Mindset & soft skills: Honest, accountable, constantly learning, and able to communicate well in English.
• Bonus: Security certifications like OSCP, OSWE, OSCE, or GPEN.