Application Security Engineer (Vulnerability Validation)

Location: EU Remote (Preferably Ukrainian speaking) 
Client: Tier-1 Global Tech Leader

About the Role: We are looking for a Security Engineer to act as the human intelligence layer for our client’s AI-driven security initiative. You will be responsible for triaging and validating potential security vulnerabilities across a massive variety of codebases (C#, C++, Rust, TypeScript, JS, etc.). 

This is a unique opportunity to work with high-maturity, top-notch source code at a global scale and help protect software used by billions. Your goal is to distinguish genuine security threats from false positives and provide actionable feedback to senior engineering teams.

Responsibilities:

• Perform deep-dive manual source code analysis on findings generated by AI and SAST tools.
• Determine the "exploitability" of a finding based on data-flow and control-flow analysis.
• Write clear, concise technical reports for developers explaining the vulnerability and why it is a true positive.
• Collaborate with the client to refine AI detection logic based on your triage results.

Requirements:

• 3+ years in Application Security, Security Research, or specialized Quality Assurance.
• The "Polyglot" Mindset: Demonstrated ability to read and understand multiple languages (C#, C++, TypeScript/JS are high priority).
• Deep understanding of common vulnerabilities, such as OWASP Top 10 and SANS Top 25 vulnerabilities.
• Demonstrable manual and SAST source code  review experience
• Education: Degree in CS, Cyber Security, or equivalent experience.
• Language: Professional English (B2).

Bonus Points:

• Pentesting experience and relevant certifications, such as OSCP, OSWE, or GWEB.
• Binary vulnerabilities