Application Security Specialist

About PayU

PayU, a leading payment and Fintech company in 50+ high-growth markets throughout Asia, Central and Eastern Europe, Latin America, the Middle East and Africa, part of Prosus group, one of the largest technology investors in the world is redefining the way people buy and sell online for our 300.000+ merchants and millions of consumers. As a leading online payment service provider, we deploy more than 400 payment methods and PCI-certified platforms to process approximately 6 million payments every single day.

We’re looking for an Application Security Specialist who’s ready to turn security into a core part of how we build. If you love digging into code, automating defenses, and making applications safer every day - this role is for you!

RESPONSIBILITIES:

• Implement and monitor security measures across applications, systems, and networks.
• Define and refine security requirements in collaboration with development and infrastructure teams.
• Configure, harden, and troubleshoot application and security components.
• Build tools and solutions to detect, mitigate, and automate remediation of vulnerabilities.
• Manage vulnerability assessments, penetration tests, and external bug bounty reports.
• Champion secure coding practices throughout the SDLC through reviews, threat modeling, and security gates.
• Integrate automated security checks into CI/CD pipelines with development teams.
• Investigate and respond to security incidents, performing technical analysis and containment.
• Assess overall security posture, identify gaps, and drive continuous improvement.
• Deliver clear reports, dashboards, and executive summaries on risks, remediation progress, and trends.

WHAT WE OFFER:

• Employment under a contract of employment.
• Benefits: ability to develop one’s own package in MyBenefit system.
• Access to an internal training platform.
• Possibility to work in a hybrid model.
• Friendly work atmosphere in a cooperation-driven team.
• Work in an international organization operating in a rapidly changing industry.

QUALIFICATIONS AND EXPERIENCE:

• Minimum of a bachelor's degree in computer science, information systems, and/or equivalent formal training or professional experience.
• Minimum of 3 years of experience in IT or information security.
• Over 3 years of experience with security systems.
• Detailed technical knowledge of database and operating system security.
• Experience with SIEM and SOAR technologies.
• Experience in network security and network technology, as well as familiarity with system, security, and network monitoring tools.
• Knowledge of internet technologies (web applications, web services, service-oriented architectures) and network protocols.
• Familiarity with cybersecurity standards frameworks such as ISO and NIST.
• Experience with various cloud computing platforms and cloud security frameworks.
• Experience in preparing reports and documentation based on independent findings.
• Strong understanding of the OWASP Top 10 application security risks.
• Practical experience with Java and PHP application security.
• Knowledge of secure development and code review best practices for web applications.

BEHAVIOURAL COMPETENCIES:

• Problem-solving skills and ability to work under pressure.
• Effective communication with IT and technical departments.
• Strong analytical thinking.
• Ability to work independently.