Senior Security Specialist

General Terms

Location: Novi Beograd

Remote / Office: Hybrid, 2 or 3 days in office (preferred) or Remote

Standard employment or B2B: Both are possible, B2B preferred.

About the Role

We are looking for a Senior Security Specialist to play a key role in safeguarding the security, stability, and resilience of large-scale, enterprise financial platforms. In this role, you will work at the intersection of application security, software engineering, and DevOps, helping ensure that modern, cloud-native systems remain secure without compromising performance or reliability.

You will take ownership of application security findings across multiple product versions, work closely with development teams and central security functions, and actively contribute to building a strong, security-first engineering culture.


Key Responsibilities

  • Take end-to-end ownership of application security findings, from identification and analysis through remediation and verification
  • Investigate and validate results from automated security tools, penetration tests, and dependency vulnerability scans
  • Assess, document, and manage false positives in collaboration with central security and governance teams
  • Upgrade, maintain, and secure Java and TypeScript/JavaScript dependencies across multiple applications and services
  • Identify and remediate vulnerabilities in deprecated, unsupported, or high-risk open-source libraries
  • Ensure that security fixes and upgrades are implemented safely and do not negatively impact existing system functionality or performance
  • Work closely with Agile, test-driven development teams, contributing security expertise throughout the SDLC
  • Support the design and implementation of secure integration patterns, APIs, and service-to-service communication
  • Collaborate with globally distributed engineering teams, acting as a trusted security partner rather than a gatekeeper
  • Contribute to CI/CD pipelines and modern DevOps practices, embedding security controls and checks where appropriate
  • Clearly communicate security risks, trade-offs, and remediation plans to both technical and non-technical stakeholders

Required Skills & Experience

  • Strong hands-on experience with application security in enterprise or financial systems
  • Deep knowledge of Java SE / Java EE (JEE) and enterprise application architectures
  • Practical experience with the Spring Framework, including technologies such as JMS, JPA/Hibernate, and related middleware
  • Experience securing applications using OAuth 2.0, OpenID Connect (OIDC), and Single Sign-On (SSO)
  • Solid understanding of secure design principles, threat modeling, and common vulnerability classes (OWASP Top 10, dependency risks, etc.)
  • Experience working with cloud-native architectures and modern CI/CD pipelines
  • Familiarity with automated security tooling (SAST, DAST, dependency scanning) and penetration testing outputs
  • Ability to balance security requirements with delivery speed, system stability, and developer experience

Ways of Working

  • Comfortable working in Agile environments with iterative delivery and continuous improvement
  • Proactive, ownership-driven mindset with a strong sense of responsibility for security outcomes
  • Collaborative communicator who can influence without authority and work effectively in distributed, global teams
  • Able to explain complex security topics clearly to developers, product managers, and other stakeholders

Why Join Us

  • Work on mission-critical financial platforms with real-world impact
  • Influence security practices across multiple products and teams
  • Be part of a modern engineering organization that values security by design, not security as an afterthought
  • Opportunity to grow as a senior technical specialist while collaborating with experienced security and engineering professionals