Security Engineer

B2B

Safetyheads

Our client is building a production-ready MVP for a national deposit-return system supporting Small Collection Points (MPZ).
The engineering team works closely with stakeholders, delivering a secure, auditable system where mobile applications and backend services handle real financial settlements.

The project focuses on security engineering across the entire stack — mobile application, backend services, cloud infrastructure and compliance — ensuring alignment with Zero Trust principles, OWASP standards and regulatory requirements.

🛠 Key Technologies:

  • Mobile security (Flutter / Android / iOS)
  • Backend security (.NET, REST APIs)
  • Cloud security (Microsoft Azure)
  • TLS 1.2 / 1.3, encryption at rest (TDE)
  • OWASP Mobile Top 10 / OWASP Web Top 10
  • CI/CD security tooling (SAST, SCA)
  • Zero Trust architecture

💼 Your Responsibilities:

Mobile application security

  • Define and validate security mechanisms: secure storage, certificate pinning, obfuscation, anti-tampering and protection against reverse engineering
  • Assess risks related to operational devices (Android / iOS, including Zebra devices)
  • Support security reviews for App Store and Google Play compliance

Backend and data security

  • Design and review the Data Access Layer (DAL), including protection against SQL Injection and tenant isolation
  • Ensure secure communication and data protection (TLS 1.2/1.3, encryption at rest)
  • Review and secure API endpoints for mobile applications

Testing and audits

  • Plan and coordinate:
  • penetration tests for mobile applications and backend services
  • Zero Trust security tests
  • security audits
  • Support preparation of security artefacts (SARA, VZZ, PRA, SeCO)

Compliance and governance

  • Ensure compliance with OWASP standards, GDPR/RODO and client security policies
  • Prepare security and compliance documentation
  • Support internal and external security audits

DevSecOps and cloud security

  • Secure Azure environments (WAF: Front Door / Application Gateway, API Management, Key Vault, Managed Identity, network segmentation)
  • Integrate security tools into CI/CD pipelines (SAST, SCA)
  • Support secure development practices across engineering teams

🌍 Project setup:

  • Start: within 2–3 weeks
  • Duration: MVP delivery phase with possible continuation after pilot
  • Team: cross-functional engineering team (backend, mobile, QA, security, product)

About us
We are a Software House with experience in cybersecurity, specialised in developing mobile and web applications and providing IoT solutions.

We cooperate with industrial companies and IT e-commerce businesses.

We have created a low-code platform — 5Days — designed as a fast and cost-effective tool for building enterprise-class IT solutions.

You can become part of SafetyHeads while continuing to work on other projects at the same time.

Why it’s worth joining us?

Health care

Individual training budget

Fully remote work

Flexible working hours

Unique working atmosphere

Family-friendly community

Knowledge sharing with developers with extensive experience

In-house training programs (Angular, IOS, Android, CyberSecurity Leadership)

Recruitment process

1
2
3

HR call

After we receive your CV you will have a short conversation with HR, during which we will initially tell you about SafetyHeads, the project and the role that interests you, and we will gladly hear about your expectations.

Online meeting

We invite you to a 1.5-hour meeting with HR and a technical person, during which we will get to know each other better, talk about your experience and the possibilities we have for you.

Meeting with the customer

The client is also very happy to meet you. There will be one or two interviews with him, if necessary.

Feedback

We will get back to You with the results of the recruitment regardless of the outcome. Hopefully it will always be good news.

We use cookies on our website, hope you don’t mind.

Read moreAgree