• MidPoint
    • Download
    • Key features
    • Industry
      • Higher education
    • AI-powered IGA
    • Explore
    • Why choose OSS IGA?
  • Resources
    • Blog
    • Community
    • Upcoming Events
    • Resource Library
  • Services
    • Consulting Services
    • Support Subscriptions
    • MidPoint Training
  • Company
    • About Us
    • Partners
    • References
    • Career
Contact Us Start Now
Apply for this job
A valid name is required.
A valid email address is required.
Back to Job list

Job details

AppSec architect

Application Security Architect

Apply now

Place of work

Remote

Employment type

Full-time, Part-time

Start

Immediately

Salary

from 3700 € gross / month + bonuses

Expanding your horizons

We are creating midPoint, the world’s leading open-source identity governance and administration (IGA) platform. Join our expert product engineering team and help with embedding security into every stage of our software development lifecycle. Be a driver for security by design, secure by default and secure on failure principles, lead threat modeling and risk assessments, and improve our SSDLC to ensure compliance with ISO 27001, ENISA and the EU Cyber Resilience Act (CRA) Use your abilities to work on a challenging yet exciting projects with an experienced team by your side from anywhere at any time. Apply today and become one of us!



What you will do

Evolveum attracts extraordinary people who want to do their best work. Make a real impact with the following responsibilities

  • Propose continuous improvements to SSDLC processes and tooling to meet evolving security and regulatory requirements with a focus on security by design, secure by default and secure on failure
  • Oversight for implementation of cybersecurity principles (security by design, secure by default) in software development processes
  • Conduct and support threat modeling and risk assessments in line with risk management frameworks early in the design
  • Participate during all phases of the development lifecycle to ensure security architecture and design of the secure applications
  • Collaborate with Chief Product Officer (CPO) and developers to embed security in all phases of development lifecycle (requirements, design, coding, testing and deployment)
  • Collaborate with CPO (and CISO) on choosing and integrating security testing tools (SAST, DAST, SCA, IaC scanning) into CI/CD pipelines
  • Collaborate with CPO, CISO and developers to implement secure coding standards and provide training and guidance on secure design where needed
  • Establish security governance, standards and reference architectures aligned with ISO 270001, ENISA and CRA
  • Collaborate with CPO, CISO and developers to ensure findings are addressed and lessons learned are embedded into processes

Skills and qualifications

Has what you’ve read so far already hooked you? Check if you have what it takes to excel at this job:

Experience

5+ years of experience in security field targeting software development. Strong understanding of OWASP Top 10, common vulnerabilities (SQLi, XSS, CSRF, RCE, etc.). Hands-on experience with secure coding in one or more languages (Java, Python, etc.). Experience with DevSecOps pipelines and CI/CD integration. Excellent communication skills – ability to explain security issues to both technical and non-technical stakeholders. Certifications: CSSLP, OSWE, CEH, CISSP (with focus on AppSec) as nice to have. Familiarity with ISO 27001, ENISA and EU Cyber Resilience Act (CRA) is an advantage

Software development

Experience with product development is an advantage

Problem solving

A creative approach towards problems and the ability to find a solution

Identity management

Familiarity with the identity management field is an advantage

Enthusiastic attitude

A passion for technology and willingness to understand the details of how things work

Education

A bachelor’s degree (and higher) and/or a proven track record

Language

English skills on the B2 level or higher

Independence

The ability to work independently, in a team, and with customers

what working at Evolveum brings

Benefits you will truly enjoy

Remote first

Work conveniently from home like most of our team, or join the rest of the colleagues in offices located in Bratislava and Košice.

Professional open source

Join one of the biggest open source projects in identity management & governance, and embrace the pure open source philosophy.

Your public profile

Build your own personal brand with pride and nothing to hide. Jump on our open source wave and develop midPoint openly with us.

Self-development

The space for your personal growth at Evolveum is limitless. Use it to the maximum and watch the team support you in doing so.

Freedom at work

It’s all in your hands: enjoy flexible working hours, no middle management watching over your shoulder, and even the software & hardware of your choice.

Room for pet projects

Do you have a vision you would like to work on in addition to your main responsibilities? Use the opportunity to allocate some of your work time to a pet project.

Meritocracy at its best

Count on merit in terms of competency, ability, and achievements when it comes to taking over responsibilities and your position on the team.

Pro-employee environment

Work at a company that values its employees and shows it through possible extra vacation time, financial bonuses, career growth opportunities, and educational resources.

Even a 4-day work week

Join a company that values your grind and results over time spent in front of your screen. Evolveum is open to negotiating your time availability to fit your needs.

Job salary

wage tier

3700 €

From in gross / month + bonuses

About Evolveum and midPoint

Evolveum is a globally recognized EU-based organization that was established in 2011. With its dedicated team of professionals, Evolveum is the creator and maintainer of the leading open source identity platform midPoint. The feature set covering identity governance and administration makes midPoint an ideal choice for organizations seeking digital transformation to enhance security and efficiency.

Thanks to its worldwide effect, midPoint has a valuable community that provides a great source of knowledge and a place to share ideas. And when the IGA journey gets turbulent, Evolveum’s paid services and partners in over 45 countries are there to ensure organizations have the best midPoint experience possible. That is how Evolveum, even though it is a vendor of a completely open source product, has stable revenue that allows it to have a full-time dedicated technical and non technical team.

MidPoint Developer zone Github repository The midPoint book

What is identity management

Identity management is the process of having control over user’s account from its creation to the deactivation or deletion. Such control includes adding or removing user’s rights and access, and having an overview of its every change. In case of midPoint, the control is centralized in one place, while synchronizing all the data from source and target systems. In the result, data organization as well as the security and efficiency of the processes are significantly enhanced.

Become one of us

Do you have what it takes? Join us now!

Apply now

Please check your inbox or spam folder now to confirm your subscription.

Gartner Peer Insights
4.5/5.0 stars | 50+ reviews
Customers' Choice for Identity Governance
Cybersecurity Made in Europe

Copyright © 2011-2025 Evolveum s.r.o. All rights reserved

  • Privacy Policy
  • Cookies
  • Terms of Use
  • Career Policy
Gartner Peer Insights
4.5/5.0 stars | 50+ reviews
Customers' Choice for Identity Governance
Cybersecurity Made in Europe

Copyright © 2011-2025 Evolveum s.r.o. All rights reserved

  • Privacy Policy
  • Cookies
  • Terms of Use
  • Career Policy
  • MidPoint
    ▼
    • Download
    • Key features
    • Industry
      ▼
      • Higher education
    • AI-powered IGA
    • Explore
    • Why choose OSS IGA?
  • Resources
    ▼
    • Blog
    • Community
    • Upcoming Events
    • Resource Library
  • Services
    ▼
    • Consulting Services
    • Support Subscriptions
    • MidPoint Training
  • Company
    ▼
    • About Us
    • Partners
    • References
    • Career
Contact Us Start Now

[ Placeholder content for popup link ] WordPress Download Manager - Best Download Management Plugin

We respect your privacy. That's why we don’t collect your data, track you, or watch you. We just use the necessary cookies. Not consenting to the cookies will not limit your user experience. Read more

Cookie settings

Strictly necessary

Strictly necessary cookies help make a website navigable by activating basic functions such as page navigation and access to secure website areas. Without these cookies, the website would not be able to work properly.

NameProviderPurposeExpiryMore information
PHPSESSIDEvolveum s.r.o.Cookie generated by applications based on the PHP language. This is a general purpose identifier used to maintain user session variables. It is normally a random generated number, how it is used can be specific to the site, but a good example is maintaining a logged-in status for a user between pages.When you close your browser
moove_gdpr_popupEvolveum s.r.o.When this Cookie is enabled, these Cookies are used to save your Cookie Setting Preferences. You can enable or disable your Cookie Settings on our website at anytime via Cookie Settings.1 yearRead more
wordpress_test_cookieEvolveum s.r.o.Tests that the browser accepts cookies.SessionRead more
wp-settings-[user_id]Evolveum s.r.o.Used to preserve user’s wp-admin settings1 yearRead more
wordpress_[hash]Evolveum s.r.o.On login, WordPress uses the wordpress_[hash] cookie to store your authentication details. Its use is limited to the Administration Screen area, /wp-admin/SessionRead more
wordpress_logged_in_[hash]Evolveum s.r.o.Remember User sessionSessionRead more
wordpress_sec_[hash]Evolveum s.r.o.This cookie is used to store your authentication details. Its use is limited to the admin console area, /wp-admin/SessionRead more
wp-postpass_[hash]Evolveum s.r.o.This cookie is used to grant access to password protected areas of the site.10 days
wp-settings-time-[user_id]Evolveum s.r.o.The number on the end is your individual user ID from the user’s database table. This is used to customize your view of admin interface, and possibly also the main site interface.1 yearRead more

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

Third party

Our website does not use any 3rd party cookies. We don’t collect your data, track you, or watch you. We respect your privacy.

Please enable Strictly Necessary Cookies first so that we can save your preferences!

Technical

NameProviderPurposeExpiryMore information
woocommerce_cart_hashEvolveum s.r.o.Helps WooCommerce determine when cart contents/data changes.When you close your browserRead more
woocommerce_items_in_cartEvolveum s.r.o.Helps WooCommerce determine when cart contents/data changes.When you close your browserRead more
wp_woocommerce_session_[hash]Evolveum s.r.o.Contains a unique code for each customer so that it knows where to find the cart data in the database for each customer.2 daysRead more
tk_aiEvolveum s.r.o.Stores a randomly-generated anonymous ID. This is only used within the dashboard (/wp-admin) area and is used for usage tracking, if enabled.SessionRead more
comment_author_{HASH}
comment_author_email_{HASH}
comment_author_url_{HASH}		Evolveum s.r.o.When visitors comment on your blog, they too get cookies stored on their computer. This is purely a convenience, so that the visitor won’t need to re-type all their information again when they want to leave another comment.These are set to expire a little under one year from the time they’re set.Read more

Please enable Strictly Necessary Cookies first so that we can save your preferences!