Senior Security Engineer​

We are looking for a Security SAST Engineer with expertise in static application security testing, especially using GitHub CodeQL, to join our security team.
This role involves analyzing Java libraries and client projects to uncover security vulnerabilities and potential risks in the code. You'll also be developing and maintaining CodeQL queries to enhance SAST coverage, as well as conducting false-positive/false-negative analyses to ensure accuracy in SAST results.

#LI-DNI

Responsibilities

• Conduct security analysis on Java libraries and SAP projects to identify vulnerabilities or unsafe code patterns
• Develop, test, and maintain custom CodeQL queries to improve SAST coverage and effectiveness
• Manage and update existing CodeQL queries to align with project needs and security standards
• Perform in-depth false-positive/false-negative analyses to refine SAST accuracy and reduce deviations in CodeQL results

Want more jobs like this?

Get jobs in Brezno, Slovakia delivered to your inbox every week.

Get Jobs

Send me The Muse newsletters for the best in career advice and job search tips.

By signing up, you agree to our Terms of Service & Privacy Policy.

• Experience with SAST tools (preferably GitHub CodeQL) and a solid understanding of SAST workflows
• Basic proficiency in Java and ability to read and interpret code across various programming languages
• Experience with GitHub Actions and GitHub Advanced Security (GHAS) is a plus
• Knowledge in Python, JavaScript, and C# is an advantage
• Strong attention to detail and problem-solving skills for precise query writing and code analysis

• Experience with rule or query writing for SAST tools
• Background in secure coding practices and code review

• Opportunity to work in a fast-paced, agile, software engineering culture
• Benefit program (5 weeks of vacation, 5 paid sick days, meal vouchers, cafeteria and recreation bonuses, reimbursement of glasses, contribution to pension fund)
• Referral bonuses for recommended candidates
• English language courses
• Great learning and development opportunities, including in-house professional training, career advisory and coaching, sponsored professional certifications, well-being programs, LinkedIn Learning Solutions and much more