Application Security Engineer

Accountabilities

• Identify, analyze, and remediate application security vulnerabilities using modern application security posture management (ASPM) tools and related security technologies.


• Build, maintain, and enhance ASPM tools, rules, and automation to strengthen application security across engineering teams.


• Integrate security best practices into the software development lifecycle (SDLC) in close collaboration with development and platform engineering teams.


• Conduct manual and automated penetration testing to identify weaknesses in applications and supporting infrastructure.


• Lead threat modeling sessions and risk assessments for both new and existing applications to proactively address security risks.


• Develop, maintain, and promote secure coding standards and guidelines for engineering teams.


• Serve as a subject matter expert in application security, providing guidance and support to internal teams across the organization.


• Stay up to date with emerging security threats, vulnerabilities, attack techniques, and mitigation strategies.


• Contribute to the continuous improvement of security engineering processes, automation, and tooling.

Requirements

• Minimum of 4 years of experience in application security, secure software development, or related cybersecurity engineering roles.


• Strong understanding of application security risks, including OWASP Top 10 and common web and system vulnerabilities.


• Hands-on experience with secure coding practices in languages such as Python, Go, Java, or JavaScript.


• Proficiency in at least one programming language (e.g., Go or Python) with willingness to learn additional technologies.


• Practical experience with security testing tools such as Burp Suite, OWASP ZAP, Semgrep, or equivalent solutions.


• Experience conducting threat modeling exercises and security risk assessments.


• Solid understanding of authentication and authorization protocols such as SAML, OAuth, or OIDC.


• Strong analytical thinking and problem-solving skills with attention to detail in complex systems.


• Excellent communication skills in English, with the ability to explain technical security concepts to engineering teams.


• Ability to work independently while collaborating effectively in distributed and fast-paced environments.


• A proactive mindset and willingness to continuously learn and adapt to new security challenges.


• Security certifications such as OSCP or OSWE are considered a strong advantage.


• Experience with security automation, compliance translation, or exploitation of complex systems is a plus.

Benefits

• Competitive compensation package aligned with experience, skills, and location.


• Opportunity to work on large-scale, high-impact AI and cloud infrastructure projects.


• Flexible, remote-friendly working environment with strong autonomy and ownership.


• Career growth opportunities in a highly technical and fast-evolving security domain.


• Exposure to cutting-edge technologies in cloud computing, AI platforms, and distributed systems.


• Collaborative and innovative engineering culture focused on trust, learning, and impact.


• International environment working with highly skilled engineering and security teams.


• Inclusive workplace with equal opportunity policies and strong support for diversity.

Cette annonce provient de ats_lever. Voir l'annonce originale ↗