NIX, a global supplier of software engineering and IT outsourcing services, is looking for a Application Security Engineer in its office in Budapest (Vaci Greens, 13th district). You’ll be part of a team of professionals who are ready to find the best tailor-made IT solutions for their multinational clients in various industries and solve complex problems.

RESPONSIBILITIES:

• Perform Web/API application penetration testing and vulnerability assessments.
• Effectively communicate and coordinate with engineers, leads and stakeholders to deliver quality and security to the product.
• Document vulnerabilities and recommend remediations in clear, detailed reports with exceptional attention to details.
• Support product owners in remediating vulnerabilities.
• Triage results from SAST and DAST tools and validates real security issues.
• Help shape and improve team workflows, tools, and methodologies.
• Participate in knowledge sharing, secure coding training for developers, and internal team growth.
• Actively enhances professional expertise and skills.

WHAT WE EXPECT FROM YOU:

• 1+ year of professional hands-on experience in web application security, penetration testing, or ethical hacking.
• Strong knowledge of web security fundamentals.
• Comprehensive understanding of software development lifecycle (SDLC)
• Solid knowledge of testing methodologies (OWASP WSTG or similar application security methodologies).
• Familiarity with OWASP Top 10 and common web vulnerabilities (e.g., XSS, SQLi, SSRF).
• Solid knowledge of the various vulnerability types, their root cause, exploitation techniques and mitigation patterns.
• Proficient in using application security testing software and common penetration testing tools such as Kali Linux, Burp Suite, Metasploit, Nmap (NSE), Acunetix, etc.
• Knowledge of how modern web technologies and network protocols work.
• Basic scripting skills (e.g., Python, Bash, PowerShell).
• Strong English communication and reporting skills – both written and verbal.
• Curiosity, initiative, and a growth mindset.

WILL BE A PLUS:

• Prior experience in bug bounty programs or CTF competitions.
• Programming/development experience (any language: JavaScript, Python, etc.).
• Exposure to CI/CD pipelines and DevSecOps practices.
• Understanding and hands-on experience in cloud security (AWS/Azure/GCP).
• Awareness of privacy and compliance frameworks (e.g., GDPR, HIPAA, ISO 27001).
• Relevant certifications such as OSCP, CEH, CompTIA PenTest+, etc.

WHAT WE OFFER:

• Competitive compensation packages.
• Stable employment, based on a full-time employment contract.
• Private health insurance (Medicare Сlinic).
• AYCM sport pass, providing discounts at various sports facilities in Hungary.
• Interesting tasks and diverse opportunities for developing your skills.
• Free training courses, including English.
• Participation in internal and external thematic events, technical conferences.
• A spacious office in the heart of Budapest (13th district).
• All necessary devices and tools for your work.
• Friendly, motivating atmosphere.
• Active corporate life.