Open position at MANTA

Application Security Lead

Work schedule
Legerova 934, 120 00 Praha 2-Vinohrady, Česko

We are currently looking for an Application Security Engineer to join our very first location, where everything started - Prague!

About your Team: 

The Engineering Team is the largest of all our teams with around 70+ colleagues. We have eight teams working on 8 million lines of code split into 1000 modules and delivering over 1000 new features per year. Feels like a challenge? Good!

Our stack is in Java 11, Spring, Tomcat, Neo4j, Antlr, H2 DB, Mybatis, ActiveMQ Artemis, React, Swagger, Javascript, C#, Maven, Git, AWS, Docker, Kubernetes and Openshift.

What you'll do:

  • Manage and enforce security coding guidelines;

  • Design and review design of security related product features such as user management and access rights, module communication, data encryption and protection etc.;
  • Manage processes for vulnerabilities discovered in the product and third-party libraries;
  • Manage penetration testing activity done by external companies;
  • Document security standards;
  • Work with customers and partners on security reviews and recommendations;
  • Cooperate with DevOps team for secure product deployment;
  • Create and managing threat models, inspecting data life-cycles and attack vectors;
  • Cooperate with testers to create new test cases focused on security issues;
  • Prepare the product for security certifications. 

What you should have:

  • University degree related to Information Technology, Cyber Security, or other technical degree;

  • Preferable at least 2 years of Information Security expertise in operations of the following domains – vulnerability management, threat analysis, risk assessment and dev security;
  • Familiar with coding and designing Java a JavaScript based web applications;
  • Familiar with common security flaws and security coding practices (such as OWASP);
  • Familiar with security requirements and certifications (such as ISO 27001, SOC 2, GDPR, HIPAA etc.);
  • Familiar with current authentication and encryption algorithms and processes;
  • Passionate about discovering and mitigating vulnerabilities;
  • Passionate about educating colleagues, customers and partners about security practices;
  • English language at least B2 level - If you were able to read this so far you'll be fine;
  • Familiarity with security requirements for application deployed in cloud environment (AWS, Azure etc.) is a plus;
  • Knowledge of containerization, Kubernetes and related technologies are an advantage;
  • Written and verbal English language skills. 

    What you'll get: 

  • Health & Life insurance;
  • Stock options;
  • Self-Care days - 3 days per year;
  • Workplace Flexibility. Work From Home when you feel the need to focus. Come to the Office to promote collaboration. It’s up to you to decide together with your manager what will work best;
  • Referral bonus;
  • Annual bonus;
  • Superior training and professional development;
  • Regular team building activities;
  • Strong ties to leadership to progress your career sooner rather than later;
  • Gain experience working with Fortune 500 companies to solve complex data management challenges;
  • 25 days of paid time off;
  • Meal and benefit vouchers (fully covered);
  • Multisport card (fully covered);
  • Transport allowance (Litacka);
  • Beautiful office in the heart of Downtown Prague.

At least in my team, no one wants to do low-code work just to get things done quickly. I think if we didn't work on such tech heavy stuff, half of the people would leave. That's why we're looking for people who want to tackle difficult problems and things that no one has done before us.

Andrej Jurčo, Software Engineer

Closing Note:

At MANTA we know that professional superheroes are not born - they thrive when they are given space for self-growth, learning from co-workers, open expression, and the possibility of bringing their own ideas to the table. MANTA cultivates diversity and inclusion, regardless of national origin, age, gender, race, religion, disability, sexual orientation, gender identity, or veteran status.

Check out our Privacy Notice for more details on how we process and protect your data.

Share opportunity