Software Security Engineer

Secure the future from code to cloud

About the role

As a Software Security Engineer at Centiro, you ll take ownership of Application Security (AppSec), playing a key role in making our applications secure from the inside out. You ll work hands-on with cloud platforms such as Azure, but also Google Cloud Platform using tools like Microsoft Defender for Cloud and Google Cloud Security Command Center to safeguard our systems and data.

In this role, you ll take the lead on integrating security tooling such as SAST/DAST into our CI/CD pipelines, managing application IAM, and strengthening container security. Your broad technical foundation and passion for secure development will help drive smart, scalable solutions across teams.

This role is a great fit for someone who enjoys the balance of collaboration and independent problem-solving. You ll partner closely with colleagues in development and operations, while also driving your own work forward. If you re analytical, hands-on and thrive in a fast-moving tech environment - this is your kind of challenge.

What youll do

• Design and implement safeguards such as monitoring, application identity management, and data protection.
• Continue the implementation of SAST solutions across all applicable projects.
• Support DevSecOps processes and collaborate with development and operations teams.
• Contribute to secure developer tooling and CI/CD pipelines.
• Conduct manual and automated security tests on web and mobile applications (using non-malicious payloads).
• Identify and remediate security vulnerabilities, and manage vulnerability scans to:
  • Identify new vulnerabilities
  • Validate that vulnerabilities have been fixed (validate manually if required)
  • Eliminate false positives
  • Manage third-party application package vulnerabilities
• Act as a security ambassador within the organization, supporting colleagues on security-related matters.
• Actively participate in security audits internal, customer-driven, or related to sales processes.
• Take part in handling security incidents and investigations.
• Stay up to date with the evolving threat landscape and help mitigate risks across our cloud platforms.
• Facilitate the security of internal and developer tools, ensuring a safe and streamlined engineering workflow.

Preferred Qualifications / Experience

• Minimum 10 years of work experience
• NET (and .NET Framework)
• Angular / TypeScript
• CI/CD, Azure DevOps, Octopus Deploy, Git
• Package managers (NuGet, pip, npm, etc.)
• Hands-on experience in techniques to exploit OWASP Top 10 principles
• Hands-on knowledge of SAST & DAST tooling (SonarQube, Burp Suite, Metasploit, Rapid7, etc.)
• Pen testing experience on Azure and/or GCP

Relevant certifications are considered an advantage.

Why Centiro

• Work with world-class brands while helping define the gold standard in cloud and application security.
• Shape the future of secure software delivery in a company that values curiosity, autonomy and shared success.
• Work alongside passionate and talented colleagues in a creative and stimulating environment.
• Enjoy the flexibility and agility of a fast-moving organization with short decision paths.
  

So.

Centiro is an award-winning Swedish tech company with more than 650 employees, founded in 1998. Our solutions enable and empower commerce for marquee brands and finer supply chains in 175+ countries. With our human-centric strategy, the company has ranked at the top 10 as a Great Place to Work for 15 years. Offices in Sweden, India, US, Canada, Spain and the UK. Read more at centiro.com.