Application Security Engineer

12 Minutes ago • All levels

Job Summary

Job Description

Join our security team as an Application Security Engineer to protect millions of players and services. You will identify and mitigate security risks across web applications, infrastructure, and internal tools, collaborating with developers and operations to integrate security into the software development lifecycle. This role involves hands-on security testing, automation, and tool development, directly influencing product security. You'll also contribute to security research, penetration testing, and implement cutting-edge solutions to counter emerging threats in a dynamic environment.
Must have:
  • Conduct security audits of internally developed web applications.
  • Perform internal penetration tests.
  • Carry out static and dynamic code analysis (SAST/DAST).
  • Implement, refine, and maintain tools for automatic testing of web applications.
  • Develop custom tools and solutions to improve the company’s overall security.
  • Contribute to internal research and participate in improving security processes.
  • Strong technical knowledge in computer and network security.
  • Solid understanding of modern operating systems and network protocols (Layer 2+).
  • Hands-on experience with Windows and Unix/Linux systems at the system administrator level.
  • Knowledge of web application attack vectors and protection methods (OWASP Top 10).
  • Experience with security scanners (Nmap, Nessus, Burp Suite, nuclei).
  • Programming skills in Python, .NET for code analysis and correction.
  • Willingness to learn additional programming languages.
  • Knowledge of vulnerability assessment and exploitation techniques.
  • Working proficiency in English.
Good to have:
  • Russian language skills
  • Programming skills in Go, Rust, Java in addition to Python/.NET
  • Experience with SAST/DAST tools and code security analysis
  • Practical experience with cloud security and containerized environments (AWS, GCP, Azure, Docker, Kubernetes)
  • Understanding of Active Directory security, including common attack techniques and defense mechanisms
  • Higher technical education (Computer Science, Information Security, or related)
  • Security certifications such as OSCP, OSCE, OSWE, CEH, or similar
  • Experience in penetration testing of real-world systems
  • Participation in Bug Bounty programs
  • Published security research, CVEs, or whitepapers
  • Experience in CTF competitions
Perks:
  • Annual leave of 20 working days (additional days based on years of service at Wargaming: up to 25 days)
  • Additional paid time off (5 Personal Days, Birthday Leave, Marriage Leave, Compassionate Leave)
  • Sick Leave Compensation, Maternity Leave Benefits
  • Premium Private Health Insurance
  • Career development and education opportunities within the company
  • English clubs and platform for learning languages
  • Mental well-being program (iFeel)
  • Commuting allowance
  • Company events
  • FitPass membership
  • Discounts for employees
  • Personal Gaming Account
  • Coffee, fruits, and snacks in the office
  • On-site canteen with subsidized prices for food and drinks
  • Seniority Awards
  • Referral program - you can recommend the best talents to the Company and receive a reward

Job Details

Job Overview

We are looking for an Application Security Engineer to join our security team and help us safeguard millions of players and the services they rely on. In this role, you will be responsible for identifying and mitigating security risks across web applications, infrastructure, and internal tools. You will work closely with developers, operations, and other security professionals to integrate security practices into the software development lifecycle and strengthen the company’s overall security posture. This position combines hands-on security testing, automation, and tool development, offering the opportunity to directly influence how security is built into our products. You will also have the chance to contribute to security research, penetration testing, and the implementation of cutting-edge solutions to stay ahead of emerging threats. If you are passionate about application security and eager to take on complex challenges in a dynamic environment, this role is for you.

Reports to

The Application Security Engineer will report to Application Security Team Lead

What will you do?

  • Conduct security audits of internally developed web applications.
  • Perform internal penetration tests.
  • Carry out static and dynamic code analysis (SAST/DAST).
  • Implement, refine, and maintain tools for automatic testing of web applications.
  • Develop custom tools and solutions to improve the company’s overall security.
  • Contribute to internal research and participate in improving security processes.

What are we looking for?

  • Strong technical knowledge in computer and network security.
  • Solid understanding of modern operating systems and network protocols (starting from Layer 2).
  • Hands-on experience with Windows and Unix/Linux systems at the system administrator level.
  • Knowledge of web application attack vectors and protection methods (OWASP Top 10, common vulnerabilities, exploitation techniques).
  • Experience with security scanners and an understanding of how they work (e.g., Nmap, Nessus, Burp Suite, nuclei).
  • Programming skills in Python, .NET (ability to read, analyze, and make corrections).
  • Willingness to learn additional programming languages used within the company (for developing custom tools).
  • Knowledge of vulnerability assessment and exploitation techniques.
  • English at Intermediate level or above (working proficiency).

What additional skills will help you stand out?

  • Russian language skills
  • Programming skills in Go, Rust, Java in addition to Python/.NET.
  • Experience with SAST/DAST tools and code security analysis.
  • Practical experience with cloud security and containerized environments (AWS, GCP, Azure, Docker, Kubernetes).
  • Understanding of Active Directory security, including common attack techniques and defense mechanisms.
  • Higher technical education (Computer Science, Information Security, or related).
  • Security certifications such as OSCP, OSCE, OSWE, CEH, or similar.
  • Experience in penetration testing of real-world systems.
  • Participation in Bug Bounty programs.
  • Published security research, CVEs, or whitepapers.
  • Experience in CTF competitions.

Work mode

  • Hybrid (2-3 days of work from the office).
  • This role isn't eligible for relocation support.

Benefits

Benefits and perks are tailored to the local market and culture. Our benefits in Belgrade include:

  • Annual leave of 20 working days (additional days based on years of service at Wargaming: up to 25 days)
  • Additional paid time off (5 Personal Days, Birthday Leave, Marriage Leave, Compassionate Leave)
  • Sick Leave Compensation, Maternity Leave Benefits
  • Premium Private Health Insurance
  • Career development and education opportunities within the company
  • English clubs and platform for learning languages
  • Mental well-being program (iFeel)
  • Commuting allowance
  • Company events
  • FitPass membership
  • Discounts for employees
  • Personal Gaming Account
  • Coffee, fruits, and snacks in the office
  • On-site canteen with subsidized prices for food and drinks
  • Seniority Awards
  • Referral program - you can recommend the best talents to the Company and receive a reward

##### Please submit your CV in English to ensure smooth processing and review.

About Wargaming

Wargaming is an award-winning online game developer and publisher headquartered in Nicosia, Cyprus. Operating since 1998, Wargaming has become one of the leaders in the gaming industry with 15 offices worldwide, including studios in Chicago, Prague, Shanghai, Tokyo, and Vilnius. Our diverse and multicultural team works together to deliver a top-class experience to millions of players who enjoy Wargaming's titles across all major gaming platforms. Our flagship products include free-to-play hits World of Tanks, World of Warships and World of Tanks Blitz.

Please see Wargaming Candidate Privacy Policy for details on how Wargaming uses your personal data.

Similar Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Similar Skill Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Jobs in Belgrade, Serbia

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

Similar Category Jobs

Looks like we're out of matches

Set up an alert and we'll send you similar jobs the moment they appear!

About The Company

Wargaming is a place where ideas, no matter how crazy, can be realized. Not every gaming company can offer such creative freedom. Discover the latest news. Become a trusted and recognized member of a constantly evolving team, where your creativity can flourish and there is always room to grow.

Belgrade, Serbia (On-Site)

Vilnius, Vilnius County, Lithuania (On-Site)

Nicosia, Nicosia, Cyprus (On-Site)

Warsaw, Masovian Voivodeship, Poland (On-Site)

Nicosia, Nicosia, Cyprus (Hybrid)

Vilnius, Vilnius County, Lithuania (Hybrid)

Vilnius, Vilnius County, Lithuania (On-Site)

Belgrade, Serbia (On-Site)

View All Jobs

Get notified when new jobs are added by Wargaming

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug