Resumo da vaga

Senior AppSec Engineer

Requisitos e responsabilidades

Conteúdo da vaga extraído em seções para revisão mais rápida.

About the role

We are looking for a Senior Application Security Engineer to architect and build automated security layers within the SDLC, engineering AI-enabled secure code scanning, hardened baseline automation, and CI/CD security tooling integration within a large-scale financial services program. You will work primarily in Python to build automated security runbooks, deploy and tune scanning tools, and provide code-level remediation guidance to development teams — operating with full autonomy and no daily supervision. AppSec and DevSecOps experience is strongly preferred; SAST/DAST/SCA and Java expertise are a plus.

What you will do

  • Engineer and deploy AI-enabled secure code scanning capabilities and “Golden Images” to drive secure-from-the-start adoption;
  • Automate the development of secure coding patterns and integrate them with traditional and Agentic SDLC workflows;
  • Architect the integration of continuous security scanning tools (SAST, DAST, SCA) into enterprise CI/CD pipelines, tuning them to eliminate noise;
  • Act as a senior technical SME, reading and reviewing complex application code (Java/Python) to provide software engineers with code-level remediation guidance.

Must haves

  • 5+ years of software engineering experience, ideally with a focus on Application Security and DevSecOps;
  • Strong coding and architectural proficiency in Python for security automation and scripting;
  • Fully autonomous execution capability, requiring no daily supervision to map out and build automated security runbooks;
  • Upper-intermediate English level.

Nice to haves

  • Deep, hands-on expertise deploying and tuning modern application security testing tools, including SAST, DAST, and SCA, and integrating them into complex CI/CD orchestration ecosystems;
  • Experience integrating LLMs, AI agents, or automated coding assistants to streamline vulnerability triaging or secure code generation;
  • Advanced application threat modeling experience;
  • Ability to confidently read, review, and secure enterprise source Java code.
Vagas similares

Mantenha uma lista reserva.

Ver stack
FocoDeveloperÁrea da vaga
Sinal de senioridadeSeniorNível do candidato
StackDevsecops, Java, PythonSkills principais
Localização1 país aceitoElegibilidade

Stack

Use estas tags para comparar vagas remotas similares.

Elegibilidade de localização

Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.

Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.

Fluxo de contratação

Aplicações são salvas no WithMira para revisão e acompanhamento.

1Aplique com seu perfil e snapshot de currículo.
2O recrutador revisa seu fit para esta posição.
3Mensagens e decisões do recrutador ficam vinculadas a esta vaga.
Pronto para aplicar?0/3 prontoVerificar fit