Senior Application Security Specialist
We are looking for a Senior Application Security Specialist. You will work on building secure products that deliver secure services. You will contribute significantly to our secure software development lifecycle (SSDLC). You will be an active contributor to the product's security architecture, not a bystander. You will work closely with product and software teams to define, implement, and test effective security measures. Your responsibilities include threat modeling, analyzing applications, services, and computing platforms through the entire stack, identifying security controls, conducting security testing, and managing vulnerabilities.
Who are we?
At Verne, we're building an ecosystem to progress our society through a journey of curiosity and innovation. Named in honor of Jules Verne, "the man who invented the future," we are the first European solution for autonomous journeys. We adopt an integrated approach, including vehicle design, infrastructure development, and the full digital experience.
As a growing startup, we thrive on curiosity, innovation, and bold ideas. If you’re ready to make your mark in a fast-paced, dynamic environment, this could be the role for you.
What will you do?
Regular tasks
Define product security and privacy requirements (i.e. work with business people).
Contribute to the secure software development lifecycle (i.e. work with developers).
Contribute to building the platform and the pipeline (i.e. work with IT/infra/dev/cloud ops).
Analyze technical solutions to address security weaknesses across the stack.
Analyze system services and identify issues in code, infrastructure, networks, and applications.
Determine the most efficient way of remediating identified issues by applying appropriate security measures.
Design, plan, and execute security testing.
Manage vulnerabilities and lead the remediation of discovered issues.
Document your work clearly to ensure effective knowledge transfer and collaboration.
Responsibilities
Product Security:
- Contribute to defining security and privacy measures that will support business objectives and user expectations.
Threat Modeling:
- Perform detailed analysis of technical solutions to identify security weaknesses and vulnerabilities.
- Work closely with development teams and propose appropriate security solutions.
- Perform comprehensive analysis of system services, code, infrastructure, networks, and applications to identify security issues.
- Identify and address security concerns, ensuring the overall integrity and security of the system.
- Identify and recommend appropriate security controls to manage identified risks.
- Work with relevant teams to ensure the efficient implementation of security mechanisms.
Development:
- Collaborate with development teams and technical stakeholders to integrate security requirements into the SDLC.
- Provide guidance on secure coding practices and lead the development of security controls.
Security Testing:
- Contribute to scoping, planning, and executing security testing, including SAST/DAST, code reviews, and penetration testing.
- Collaborate with testing teams to ensure comprehensive security testing coverage.
Vulnerability Management:
- Manage the full vulnerability lifecycle, from identification through remediation and validation.
- Coordinate with development and operations teams to prioritize and remediate vulnerabilities.
Documentation:
- Document work in a concise and understandable manner.
- Create documentation that supports knowledge transfer and enables collaboration.
Continuous Improvement:
- Stay informed about industry best practices, emerging threats, and advancements in security technologies.
- Continuously assess and improve security processes to adapt to evolving threats and technologies.
What do you need to succeed?
Desire to understand how things work, and the analytical mindset to break them.
Desire to learn, grow, and evolve.
Courage to speak up when a problem is identified.
Ability to know how and when to say “No”.
Bachelor’s degree in Computer Science or a related field.
5 years of experience in information/cybersecurity and/or software development with a focus on security.
While we value focused work, you must be able to communicate with various stakeholders on a daily basis (both business and tech).
Ability to communicate clearly, professionally, and constructively to resolve issues without conflict.
Strong understanding of software design and architecture concepts.
Hands-on experience with Azure security services and securing cloud-native applications.
Ability to read and write code to understand and follow development logic (development background is not required, but code literacy is essential).
Proficiency with Git and version control workflows.
Knowledge of common security tools and techniques across the entire stack.
Hands-on experience with threat modeling based on industry-standard methodologies (e.g., STRIDE, PASTA).
Hands-on experience with AppSec tools such as SAST, DAST, and SCA.
Hands-on experience implementing security measures into DevOps pipelines (DevSecOps).
Hands-on experience assessing and securing open-source software components.
Ability to plan and execute various types of security testing.
Experience in managing the remediation of application security issues and assessing risk.
What’s in it for you?
Joining Verne means becoming part of a team shaping the future of autonomous mobility. Here’s what we offer:
The chance to collaborate with experts from 20+ industries.
Ownership of your projects, with the freedom to innovate and take initiative.
A culture of transparency, feedback, and open communication.
Comprehensive financial and wellbeing support designed to meet diverse needs.
The excitement of working in a fast-growing startup where your ideas truly matter.
How can you apply?
If this role and our mission resonate with you, hit the Apply button! We typically review applications within 3-4 business days, but since we want to give each one the attention it deserves, please allow a little extra time if needed. Once we've had a chance to fully evaluate your submission, we’ll reach out with details about the next steps.
If shortlisted, here’s what to expect:
An initial HR interview focused on culture fit.
A technical interview with the Hiring Manager.
A final interview with C-level.
Not sure if this role is the right fit?
We’re always looking for creators who challenge the status quo and aren’t afraid to take the lead. If that’s you, explore our story - we might have other opportunities that spark your interest.
Verne (Project 3 Mobility) is a company comprised of people with different qualities and backgrounds, because we believe our differences make us stronger. That is why we evaluate qualified applicants fairly and equally, without regard to race, colour, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, age, familial status, and other legally protected characteristics. All applications will be considered in accordance with the regulations of personal data protection.
- Department: Cyber Security
- Locations: City of Zagreb - Buzin
About Verne
At Verne, we're building an ecosystem to progress our society through a journey of curiosity and innovation. Named in honour of Jules Verne, "the man who invented the future", we are the first European solution for autonomous journeys. We adopt an integrated approach, including vehicle design, infrastructure development, and the full digital experience. Verne is about moving forward together.