Senior Python Engineer (AppSec)
Rol remoto de Developer con fit claro de ubicación del candidato.
Senior Python Engineer (AppSec)
Requisitos y responsabilidades
Contenido del rol extraído en secciones para revisar más rápido.
About the role
We are looking for a Senior Python Engineer to architect and build automated security layers within the SDLC, engineering AI-enabled secure code scanning, hardened baseline automation, and CI/CD security tooling integration across a large-scale financial services program. You will work in Python and Java to deploy and tune SAST, DAST, and SCA tools, provide code-level remediation guidance to development teams, and operate with full autonomy building automated security runbooks. The role requires 6+ years of software engineering experience with a strong AppSec and DevSecOps focus.
What you will do
- Engineer and deploy AI-enabled secure code scanning capabilities and Golden Images to drive secure-from-the-start adoption;
- Automate the development of secure coding patterns and integrate them with traditional and Agentic SDLC workflows;
- Architect the integration of continuous security scanning tools (SAST, DAST, SCA) into enterprise CI/CD pipelines, tuning them to eliminate noise;
- Act as a senior technical SME, reading and reviewing complex application code (Java/Python) to provide software engineers with highly specific, code-level remediation guidance.
Must haves
- 6+ years of software engineering experience with a strong subsequent focus on Application Security and DevSecOps;
- Strong coding and architectural proficiency in Python (for security automation and scripting) and/or Java (to confidently read, review, and secure enterprise source code);
- Deep, hands-on expertise deploying and tuning modern application security testing tools (SAST, DAST, SCA) and integrating them into complex CI/CD orchestration ecosystems;
- Fully autonomous execution capability, requiring no daily supervision to map out and build automated security runbooks;
- Upper-intermediate English level.
Nice to haves
- Experience integrating LLMs, AI agents, or automated coding assistants to streamline vulnerability triaging or secure code generation;
- Advanced application threat modeling experience.
Mantén una lista de respaldo.
Stack
Usa estas tags para comparar roles remotos similares.
Elegibilidad de ubicación
Candidatos deberían aplicar solo cuando el país del perfil aparece aquí.
Flujo de contratación
Las aplicaciones se guardan en WithMira para revisión y seguimiento.