Back to digital nomads

Application Security Engineer

Other/Development
Permanent
Remote

On behalf of our client, a global cloud subscription commerce platform, we are looking for an Application Security Engineer to embed security into the way modern software is designed, built, and operated. This role focuses on making security a natural part of everyday engineering—not an afterthought.

 

You will work closely with product and engineering teams to identify risks early, strengthen secure-by-design practices, and continuously improve application security across the SDLC. This is a hands-on AppSec role, close to the code, architecture, and delivery pipelines.

 

What You Will Do

  • Embed security practices across all phases of the SDLC (design, development, testing, deployment).

  • Partner with engineering teams to ensure secure development practices are consistently applied.

  • Run threat modeling sessions (e.g. STRIDE) and identify attack paths and design risks.

  • Perform security-focused code and architecture reviews.

  • Conduct manual and automated web application security testing.

  • Operate and improve AppSec tooling (SAST, DAST, SCA, secrets scanning).

  • Integrate and automate security checks within CI/CD pipelines.

  • Track security metrics and drive continuous improvement of the AppSec program.

  • Support incident response, vulnerability triage, and root cause analysis.

  • Enable developers through training, documentation, and secure coding guidelines.

  • Act as a trusted security partner to engineering teams

 

What We Are Looking For

 

  • Strong understanding of secure software development principles.

  • Solid knowledge of common vulnerabilities (OWASP Top 10, CWE).

  • Experience working within modern SDLCs and Agile environments.

  • Hands-on experience with application security tools (SAST, DAST, SCA).

  • Experience with web application security testing.

  • Ability to assess risk pragmatically and prioritize remediation.

  • Understanding of cloud-native architectures, APIs, and microservices

Nice to Have

  • Experience integrating security tooling into CI/CD pipelines.

  • Background working closely with product and engineering teams.

  • Exposure to security metrics, maturity models, or building AppSec programs.

  • What’s In It for You

  • Opportunity to shape and mature an application security program.

  • Hands-on role with real impact on product and architecture decisions.

  • Close collaboration with experienced product and engineering teams.

  • Exposure to modern cloud-native and SaaS architectures.

  • A culture that values security enablement, not gatekeeping.

  • avatar

Theodosios Paidarakis

Resource Consultant

REFERENCE: job0000260422

Featured jobs