Trendyol Group

AppSec - Vulnerability Management Engineer

Posted 10 Days Ago

Be an Early Applicant

2 Locations

Hybrid

Mid level

eCommerce

The Role

The role involves managing web security, performing vulnerability assessments, guiding secure coding practices, and developing security tools. Additionally, it includes documentation and promoting security best practices among developers.

Summary Generated by Built In

ABOUT THE TEAM

We’re shaping the future of financial technology at Trendyol.

As Trendyol’s technology teams, we’re not only building for today we’re designing the financial experiences of tomorrow. From payment infrastructure and digital wallets to smart credit systems and personalized financial services, we create solutions that empower millions of users across our ecosystem.

With Trendyol Pay, we enable fast, secure, and seamless payment journeys. Through Trendyol Finance, we develop inclusive and accessible products that simplify financial decisions.

We are united by a shared purpose:To create a positive impact in our ecosystem by enabling commerce through technology

About the Role

As an Application Security Engineer, you’ll work closely with Trendyol’s engineering teams to enhance application security across our platforms. You’ll perform web and mobile security testing, validate fixes through code reviews, and provide expert guidance on secure coding practices. In this role, you’ll support our bug bounty program, develop custom security tools, and help drive root-cause analysis and remediation. We’re looking for a collaborative, open-minded teammate who is eager to improve, communicate clearly, and promote security best practices throughout the organization.

Your Main Responsibilities:

Ability to work collaboratively in a team environment and is a friendly, humble, responsible teammate.
Be a subject matter expert and guidance to Trendyol Engineering for secure coding practices, application security.
Experience in performing web security testing on web applications and mobile applications.
Ensuring to confirm of the fix of the vulnerability by making manual code review on the relevant commit.
Experience identifying and protecting against web application and web-service security vulnerabilities including those found in the OWASP Top 10.
Experience in fixing vulnerabilities, documenting and remediation guidance for discovered vulnerabilities.
Developing custom security tools and security rules(e.g. Semgrep / Nuclei)
Promoting security best practices among developers.
Ability to conduct root cause analysis against vulnerabilities and determine feasible technical solutions.
Managing Bug Bounty Platform.

Qualities We Are Looking For:

Experience with multiple programming/scripting languages (such as, Java, Golang, Python etc.)
Having excellent communication skills.
Experience with vulnerability management and enterprise remediation efforts.
Being an Agile minded team player.
Eagerness on self-improvement, open-minded, future-oriented.
English language skills for reading technical documentation and to fix the vulnerabilities with international developers.
Professional certification (e.g. eWPT, eWPTXv2, OSWE, eMAPT, GWAPT) preferred.
Familiarity with front-end and back-end web application frameworks (i.e. Spring, Gin, React, etc).
Bonus points for community contributions like public CVEs, bug bounty recognition, blogs, etc.

What We Offer

A hybrid working model with flexibility — a schedule that helps you find the right balance between flexibility and team bonding, including work-from-abroad opportunities and a summer working model.

A customizable FlexBenefits budget — Adjust your daily meal allowance, choose your health insurance package (and extend it to your spouse or children), and pick from additional benefits like fuel support or Trendyol shopping credits.

Comprehensive wellbeing support — Take advantage of our extended health package, which includes annual mini health screenings, access to location-based in-house doctors, psychologist and dietitian support, and HPV vaccination coverage.

Personalized training allowance and learning opportunities — Use your annual budget for any training or conference of your choice, explore our Learning Management System (LMS) anytime, and join in-person learning sessions offered throughout the year.

Responsibility from day one — Take full ownership from the start in a culture where every voice is heard and valued.

A diverse, international team — Collaborate with global peers across our offices in Berlin, Amsterdam, Dubai, and beyond, in a startup-spirited and collaborative environment.

Opportunities to grow with the best — Tackle meaningful challenges, develop through hands-on experience, and grow with the support of expert guidance and global mentoring.

Meaningful connections beyond tasks — Be part of team rituals, events, and social activities that help us stay connected and inspired.

Take the Next Step

If this role excites you, apply now and let’s take the next step together.

Want to get to know the team better first? Explore our Career Website, LinkedIn, or YouTube to learn more about #LifeatTrendyol and how we work.

Top Skills

Gin

Java

Nuclei

Python

React

Semgrep

Spring

View all jobs at Trendyol Group

View Trendyol Group Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

10,653 Employees

Year Founded: 2010

What We Do

We were founded in 2010 with a dynamic and agile start-up spirit. Since then, we have grown into a decacorn, backed by Alibaba, General Atlantic, Softbank, Princeville Capital, and several sovereign wealth funds. We believe that technology is the driver; e-commerce is the outcome. Thanks to our dedicated team, we are one of the top five e-commerce companies in EMEA and one of the fastest-growing e-commerce companies in the world! We deliver more than 1.5 million packages every day across 27 countries. We offer our 30 million customers a flawless shopping experience. Dreaming big is in our DNA: We're gearing up to be the leading global e-commerce platform. As a dynamic and passionate company, we are constantly growing with Trendyol Tech, one of the top R&D centres; Trendyol Express, the fastest growing delivery network; Dolap, the largest second-hand goods platform; and Trendyol Go, our instant food and grocery delivery service. And we’re not done yet! Now, we are on a journey to expand the positive impact we create to international markets. We opened our first international office in Berlin in May 2022 and Amsterdam followed in October 2022 and may others are on the way.