Resumo da vaga

Application Security Engineer

Requisitos e responsabilidades

Conteúdo da vaga extraído em seções para revisão mais rápida.

Key Responsibilities

  • Act as a Security Champion across product teams, influencing design and engineering decisions to prioritize security from the outset.
  • Design solutions that are Secure by Design, integrating threat modeling and security requirements into feature architecture and design reviews.
  • Promote and enforce Secure Coding standards through CI/CD automation, peer reviews, and development training to reduce vulnerabilities at the source.
  • Lead Vulnerability Management & Remediation, overseeing identification, risk-based triage, and tracking of remediation efforts for security issues.
  • Develop and maintain standard security packages (e.g., secure configuration baselines, code templates, CI/CD security integrations) for consistent use across engineering teams.
  • Conduct and support Penetration Testing, both hands-on and automated to uncover vulnerabilities throughout environments, platforms, and release cycles.
  • Enable continuous improvement through Collaboration & Enablement, delivering security knowledge transfer, best practices, and feedback loops across teams.

To succeed in this role, you should have

  • 3 - 5 years of hands-on experience in application security (AppSec), DevSecOps, or similar roles.
  • Software engineer with a keen interest in Security.
  • At least 2 years of experience working in an engineering team a plus
  • Deep understanding of secure software development lifecycle (SDLC) and first-principles of secure-by-design engineering.
  • Skilled in security scanning tools (e.g., SAST, DAST, SCA), incident and remediation workflows, and security automation.
  • Proficiency in reading and writing code for Java/Python/JavaScript and cloud platforms (AWS/Azure/GCP)
  • Proven experience with pentesting or red-team engagements, identifying and exploiting application-level vulnerabilities.
  • Excellent communication skills, you're able to translate technical risks into actionable steps and help engineers incorporate security improvements.
  • Comfortable building trust as a security mentor and champion, raising security maturity across teams with patience and influence.
  • Contributions to security tooling/open-source projects.
  • OSCP, OSCE, GXPN, or similar offensive security certifications a plus
  • Experience with container sec

What we can offer you

  • Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
  • Learning - We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
  • Compensation - You’ll receive an attractive salary, pension, health insurance,, Employee Stock Options, annual bonus, plus other benefits.

What to expect in the hiring process

  • A preliminary phone call with the recruiter
  • A take home assessment
  • A technical interview with a lead in our Engineering Team
  • A behavioural and technical interview with a member of the Executive team.
Vagas similares

Mantenha uma lista reserva.

Ver stack
FocoApplication Security EngineeringÁrea da vaga
Sinal de senioridadeSeniorNível do candidato
StackAWS, Azure, CI/CDSkills principais
Localização1 país aceitoElegibilidade

Stack

Use estas tags para comparar vagas remotas similares.

Elegibilidade de localização

Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.

Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.

Fluxo de contratação

O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.

1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.