Application Security Engineer

About the role

We are looking for a Middle Application Security Engineer to execute hands-on DevSecOps work across CI/CD pipeline security integration, vulnerability management tooling, and automated hardened baseline deployment within a large-scale financial services security program. The role requires 3–5 years of combined software engineering and AppSec experience.

What you will do

• Write and maintain the scripts necessary to integrate security gates (SAST, DAST, SCA) seamlessly into the CI/CD pipeline
• Continuously tune and configure existing security scanning tools to eliminate false positives and deliver high-confidence alerts
• Assist in coding and deploying automated hardened baselines and secure coding patterns
• Work directly with product development teams to provide actionable, code-level remediation guidance in Java and Python

Must haves

• 3–5 years of commercial experience blending software engineering and DevSecOps/AppSec
• Solid coding proficiency in Python (for automation/scripting), with the ability to comfortably read and navigate Java source code
• Working knowledge of modern CI/CD orchestration tools and practical experience interacting with vulnerability scoring frameworks
• Ability to operate with minimal supervision on day-to-day execution, reliably completing complex scripting and integration tasks
• Upper-intermediate English level

Nice to haves

• Hands-on experience with specific CNAPP or ASPM platforms (e.g., Wiz)
• Basic understanding of application threat modeling

Benefits

Professional growth

• Accelerate your professional journey with mentorship, TechTalks, and personalized growth roadmaps

Competitive compensation

• Competitive USD-based compensation and budgets for education, fitness, and team activities

A selection of exciting projects

• Join projects with modern solutions development and top-tier clients

Flextime

• Flexible schedule with options to work from home or from the office