Resumo da vaga

Senior Application Security Engineer

Requisitos e responsabilidades

Conteúdo da vaga extraído em seções para revisão mais rápida.

Security Strategy & Leadership

  • Define and execute security strategy for product teams, aligning with business objectives.
  • Lead threat modeling, security architecture reviews, and design guidance for diverse software projects.
  • Mentor engineers technically and professionally, fostering a culture of security excellence.

Advanced Technical Execution

  • Conduct adversarial security analysis using automated tools and manual techniques (e.g., custom exploit development).

Advanced Technical Execution

  • Perform manual/automated secure code reviews across Java, Python, JavaScript, and cloud-native stacks.
  • Develop security automation tools to scale vulnerability detection (SAST/DAST/IAST enhancements).

Risk Mitigation & Innovation

  • Identify complex risks through offensive security research; advocate for cutting-edge mitigation technologies.
  • Solve novel security problems lacking predefined solutions (e.g., zero-day vulnerabilities, emergent attack vectors).
  • Maintain and evolve threat models for critical applications and microservices architectures.

Collaboration & Enablement

  • Partner with the engineering team to embed security controls into CI/CD pipelines and development practices.
  • Design/deliver security training programs tailored to development teams and business stakeholders.
  • Lead incident response for application security events and drive root-cause analysis.

Qualifications Required

  • 5+ years in application security, including 2+ years in a senior/lead role.
  • Expertise in threat modeling (e.g., STRIDE, PASTA), penetration testing, and secure SDLC implementation.Proficiency in code review for Java/Python/JavaScript and cloud platforms (AWS/Azure/GCP).
  • Hands-on experience building security tools (e.g., scanners, CI plugins) with Python/Go.
  • Proven track record in security architecture design and risk-based decision-making.

Preferred

  • OSCP, OSCE, GXPN, or similar offensive security certifications.
  • Contributions to security tooling/open-source projects.
  • Experience with container security (Kubernetes, Docker), serverless, or infrastructure-as-code.

Skills

  • Leadership: Ability to define team strategy, mentor engineers, and influence stakeholders.
  • Innovation: Aptitude for researching/implementing novel solutions to ambiguous security challenges.
  • Technical Depth: Mastery of application security frameworks (OWASP, NIST) and exploit techniques.
  • Communication: Translate technical risks to business impact for executives and engineers alike.
  • Execution: Drive implementation of security controls

What we can offer you

  • Culture -We put our people first and prioritize the well-being of every team member. We’ve built a company where all opinions carry weight and where all voices are heard. We value and respect each other and always look out for one another. Above all, we are human.
  • Learning - We have a learning and development-focused environment with an emphasis on knowledge sharing, training, and regular internal technical talks.
  • Compensation - You’ll receive an attractive salary, pension, health insurance,, Employee Stock Options, annual bonus, plus other benefits.

What to expect in the hiring process

  • Preliminary phone call with the recruiter
  • Take home assessment
  • Technical interview with a Lead in our Engineering Team
  • Behavioural and technical interview with a member of the Executive team.
Vagas similares

Mantenha uma lista reserva.

Ver stack
FocoApplication SecurityÁrea da vaga
Sinal de senioridadeSeniorNível do candidato
StackAWS, Azure, CI/CDSkills principais
Localização1 país aceitoElegibilidade

Stack

Use estas tags para comparar vagas remotas similares.

Elegibilidade de localização

Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.

Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.

Fluxo de contratação

O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.

1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.