• Design, implement, and scale secure AWS environments that balance innovation and compliance. • Build and maintain Terraform modules and infrastructure-as-code pipelines to ensure consistent, auditable, and secure deployments. • Lead regular security assessments, perform vulnerability testing, and drive incident response efforts. • Collaborate with engineering and DevOps teams to integrate security controls into CI/CD workflows and product lifecycles. • Define IAM strategies, implement network segmentation, apply encryption standards, and establish continuous monitoring practices. • Detect anomalies, investigate alerts, and respond to evolving threats across our cloud ecosystems. • Guide peers on secure design, share knowledge of emerging risks, and promote cloud security best practices. • Stay ahead of emerging threats and tools while shaping our long-term security strategy with creativity and foresight.

• Planning and implementing security devices in the areas of firewalling, WAF, e-mail security, endpoint security and network security • Maintaining complex IT systems, troubleshooting issues and further developing customer environments • Conducting workshops and training in IT security and providing leadership to project teams within the department

About Infiterra Join our mission to grow and transform the subscription economy by simplifying subscription service delivery. Infiterra enables IT distributors, Managed Service Providers (MSPs), and telcos to succeed in the subscription economy. Our subscription commerce platform automates and unifies subscription workflows - from quote to bill- driving operational efficiency, billing accuracy, and scalable growth. Recognized as a global leader in subscription commerce, Infiterra combines innovation, performance excellence, and trusted expertise to help partners transform and grow. About the role We’re looking for a Senior Application Security Engineer to embed security into how we design, build, and operate software; not as an afterthought, but as part of everyday engineering. You’ll work hands-on with product and engineering teams to identify risks early, improve secure-by-design practices, and continuously raise the bar of our application security posture. This is a practical AppSec role: close to the code, close to the architecture, and deeply integrated into the SDLC. Infiterra’s headquarters are located in Thessaloniki, Greece, and the Engineering team is distributed across various locations throughout the country. However, this role is fully remote. What you’ll do Embed security into the SDLC - Integrate security activities across all SDLC phases: requirements, design, implementation, testing, deployment, and maintenance. - Partner closely with engineering teams to ensure secure development practices are applied consistently. - Review security controls for new features, services, and architectural changes. Threat modeling & secure design - Run threat modeling sessions (e.g. STRIDE) for new and existing systems. - Identify threats, attack paths, misconfigurations, and insecure design patterns. - Collaborate with engineers to ensure systems follow secure-by-design principles. Secure code & architecture reviews - Perform security-focused code reviews to identify vulnerabilities and risky implementations. - Provide clear, actionable guidance on secure coding patterns and best practices. - Assess application and system architectures from a security perspective. Security testing & tooling - Perform manual and automated web application security testing (e.g. injection flaws, auth issues, access control gaps, insecure configs, logic flaws). - Operate, tune, and improve AppSec tooling (SAST, DAST, SCA, secrets scanning, dependency scanning). - Integrate and automate security checks within CI/CD pipelines. - Identify gaps in tooling and recommend or introduce improvements. Incident response support - Support engineering teams during application security incidents or vulnerability disclosures. - Contribute to triage, impact assessment, and root cause analysis. - Ensure lessons learned are fed back into design, tooling, and processes. Security awareness & enablement - Enable engineers through training, documentation, and hands-on guidance. - Create and maintain secure coding guidelines, checklists, and internal resources. - Act as a trusted security partner, not a blocker. Core requirements - Strong understanding of secure software development principles. - Solid knowledge of common vulnerability classes (OWASP Top 10, CWE). - Experience working within modern SDLCs and agile development workflows. - Hands-on experience with application security tools (SAST, DAST, SCA, etc.). - Experience integrating security tooling into CI/CD pipelines. - Experience with web application security testing. - Ability to assess risk pragmatically and prioritize remediation. - Understanding of cloud-native architectures, APIs, and microservices. - Background working closely with product and engineering teams. Nice to have - Exposure to security metrics, maturity models, or AppSec program building. Benefits - Fully remote work. - Work-from-anywhere scheme (travel and work). - Flexible working hours. - Health and life insurance program. - Learning & development budget. - Tech-driven, friendly team with a international mindset. If you feel you’re a great fit, please apply! We’d love to hear from you! All applications will be treated with confidentiality. Please note that due to the high volume of CVs received, only candidates who are a good fit will be contacted for an interview. As part of our commitment to diversity in the workforce, Infiterra is dedicated to Equal Employment Opportunity, ensuring that all individuals are treated with respect and consideration without regard to race, color, national origin, ethnicity, gender, disability, sexual orientation, gender identity, or religion.

About Infiterra Join our mission to grow and transform the subscription economy by simplifying subscription service delivery. Infiterra enables IT distributors, Managed Service Providers (MSPs), and telcos to succeed in the subscription economy. Our subscription commerce platform automates and unifies subscription workflows - from quote to bill- driving operational efficiency, billing accuracy, and scalable growth. Recognized as a global leader in subscription commerce, Infiterra combines innovation, performance excellence, and trusted expertise to help partners transform and grow. About the role We’re looking for a Senior Application Security Engineer to embed security into how we design, build, and operate software; not as an afterthought, but as part of everyday engineering. You’ll work hands-on with product and engineering teams to identify risks early, improve secure-by-design practices, and continuously raise the bar of our application security posture. This is a practical AppSec role: close to the code, close to the architecture, and deeply integrated into the SDLC. Infiterra’s headquarters are located in Thessaloniki, Greece, and the Engineering team is distributed across various locations throughout the country. However, this role is fully remote. What you’ll do Embed security into the SDLC - Integrate security activities across all SDLC phases: requirements, design, implementation, testing, deployment, and maintenance. - Partner closely with engineering teams to ensure secure development practices are applied consistently. - Review security controls for new features, services, and architectural changes. Threat modeling & secure design - Run threat modeling sessions (e.g. STRIDE) for new and existing systems. - Identify threats, attack paths, misconfigurations, and insecure design patterns. - Collaborate with engineers to ensure systems follow secure-by-design principles. Secure code & architecture reviews - Perform security-focused code reviews to identify vulnerabilities and risky implementations. - Provide clear, actionable guidance on secure coding patterns and best practices. - Assess application and system architectures from a security perspective. Security testing & tooling - Perform manual and automated web application security testing (e.g. injection flaws, auth issues, access control gaps, insecure configs, logic flaws). - Operate, tune, and improve AppSec tooling (SAST, DAST, SCA, secrets scanning, dependency scanning). - Integrate and automate security checks within CI/CD pipelines. - Identify gaps in tooling and recommend or introduce improvements. Incident response support - Support engineering teams during application security incidents or vulnerability disclosures. - Contribute to triage, impact assessment, and root cause analysis. - Ensure lessons learned are fed back into design, tooling, and processes. Security awareness & enablement - Enable engineers through training, documentation, and hands-on guidance. - Create and maintain secure coding guidelines, checklists, and internal resources. - Act as a trusted security partner, not a blocker. Core requirements - Strong understanding of secure software development principles. - Solid knowledge of common vulnerability classes (OWASP Top 10, CWE). - Experience working within modern SDLCs and agile development workflows. - Hands-on experience with application security tools (SAST, DAST, SCA, etc.). - Experience integrating security tooling into CI/CD pipelines. - Experience with web application security testing. - Ability to assess risk pragmatically and prioritize remediation. - Understanding of cloud-native architectures, APIs, and microservices. - Background working closely with product and engineering teams. Nice to have - Exposure to security metrics, maturity models, or AppSec program building. Benefits - Fully remote work. - Work-from-anywhere scheme (travel and work). - Flexible working hours. - Health and life insurance program. - Learning & development budget. - Tech-driven, friendly team with a international mindset. If you feel you’re a great fit, please apply! We’d love to hear from you! All applications will be treated with confidentiality. Please note that due to the high volume of CVs received, only candidates who are a good fit will be contacted for an interview. As part of our commitment to diversity in the workforce, Infiterra is dedicated to Equal Employment Opportunity, ensuring that all individuals are treated with respect and consideration without regard to race, color, national origin, ethnicity, gender, disability, sexual orientation, gender identity, or religion.