Senior Application Security Engineer - Remote Role

About the Role

We’re looking for a Senior Application Security Engineer to embed security into how we design, build, and operate software; not as an afterthought, but as part of everyday engineering. This Senior Application Security Engineer remote position allows you to work hands-on with product and engineering teams to identify risks early, improve secure-by-design practices, and continuously raise the bar of our application security posture.

What You’ll Do

• Embed security into the SDLC, integrating security activities across all phases: requirements, design, implementation, testing, deployment, and maintenance.
• Partner closely with engineering teams to ensure secure development practices are applied consistently.
• Review security controls for new features, services, and architectural changes.
• Run threat modeling sessions (e.g., STRIDE) for new and existing systems to identify threats, attack paths, misconfigurations, and insecure design patterns.
• Perform security-focused code reviews to identify vulnerabilities and risky implementations.
• Conduct manual and automated web application security testing (e.g., injection flaws, auth issues, access control gaps).
• Support engineering teams during application security incidents or vulnerability disclosures, contributing to triage and root cause analysis.
• Enable engineers through training, documentation, and hands-on guidance, acting as a trusted security partner.

Requirements

• Strong understanding of secure software development principles.
• Solid knowledge of common vulnerability classes (OWASP Top 10, CWE).
• Experience working within modern SDLCs and agile development workflows.
• Hands-on experience with application security tools (SAST, DAST, SCA, etc.).
• Experience integrating security tooling into CI/CD pipelines.
• Understanding of cloud-native architectures, APIs, and microservices.
• Background working closely with product and engineering teams.

Nice to Have

• Exposure to security metrics, maturity models, or AppSec program building.

What We Offer

• Fully remote work with a work-from-anywhere scheme.
• Flexible working hours.
• Health and life insurance program.
• Learning & development budget.
• Tech-driven, friendly team with an international mindset.

If you feel you’re a great fit, please apply! We’d love to hear from you! All applications will be treated with confidentiality.