Bulgarian Software Security Engineer wanted

Posted 13 hours 49 minutes ago by Red - The Global SAP Solutions Provider

Contract
Not Specified
I.T. & Communications Jobs
Not Specified, Bulgaria
Job Description

Role: Software Security Engineer Openings: 3/1 consultant per level - Junior, Mid-Senior, Senior

Start: June 2025 - 12 months (extension likely, project duration up to 3 years)
Location: Bulgaria (Sofia-based, remote-first with occasional on-site meetings)
Language: English (mandatory), Bulgarian (a plus)
Candidates must be based in Bulgaria

Our client is building a new security team in Sofia, Bulgaria, and is looking for passionate and qualified software security engineers to join as external contractors. This role is ideal for freelancers who want to shape secure software development practices in a modern, agile environment. You will work closely with cross-functional teams to implement and support SDOL processes and ensure that security is Embedded throughout the development cycle.

Key Responsibilities

  • Conduct security assessments (vulnerability scans, penetration tests, risk assessments)
  • Analyze vulnerabilities, manage false positives, and monitor SAST tools
  • Monitor security logs and respond to incidents and vulnerabilities
  • Manage Jira backlogs for security findings, exceptions, and risks
  • Report on security and compliance posture of software platforms
  • Support SDOL rollout and process documentation
  • Integrate security controls into CI/CD pipelines (SAST, DAST, dependency scanning)
  • Maintain security policies and procedures aligned with ISO 27001, SOC 2, HIPAA, GDPR
  • Configure and optimize security tools and scanners
  • Facilitate threat modelling and risk assessments (LeanIX, Signavio)
  • Support internal and external audits and certifications
  • Document security architectures, exceptions, and tool configurations
  • Collaborate on security concepts with architects, service owners, and SGS contacts

Your Profile

  • Experience in software security, DevSecOps, or application security
  • Familiarity with SDLC and secure development practices
  • Strong knowledge of SAST, DAST, vulnerability scanners, and threat modelling tools
  • Experience with Jira or similar systems for backlog management
  • Understanding of compliance standards (ISO 27001, SOC 2, HIPAA, GDPR)
  • Strong analytical and problem-solving skills
  • Threat modelling certification is a plus

Interested?
Send me your current project list as well as your hourly rate and availability.

Questions?
Feel free to ask anytime.

Best regards,

Ulla