Application Security Engineer ID71662
Important: after confirming your application on this platform, you’ll receive an email with the next step: completing your application on our internal site, LaunchPod. So keep an eye on your inbox and don’t miss this step — without it, the process can’t move forward.
Why join us
If you're looking for a place to grow, make an impact, and work with people who care, we'd love to meet you! :)
About the role
We are looking for a Middle Application Security Engineer to execute hands-on DevSecOps work across CI/CD pipeline security integration, vulnerability management tooling, and automated hardened baseline deployment within a large-scale financial services security program. You will write Python scripts to integrate SAST, DAST, and SCA gates into CI/CD pipelines, tune scanning tools to reduce false positives, and provide code-level remediation guidance to Java and Python development teams. The role requires 3–5 years of combined software engineering and AppSec experience.
What you will do
- Write and maintain the scripts necessary to integrate security gates (SAST, DAST, SCA) seamlessly into the CI/CD pipeline;
- Continuously tune and configure existing security scanning tools to eliminate false positives and deliver high-confidence alerts;
- Assist in coding and deploying automated hardened baselines and secure coding patterns;
- Work directly with product development teams to provide actionable, code-level remediation guidance in Java and Python.
Must haves
- 3–5 years of commercial experience blending software engineering and DevSecOps/AppSec;
- Solid coding proficiency in Python (for automation/scripting), with the ability to comfortably read and navigate Java source code;
- Working knowledge of modern CI/CD orchestration tools and practical experience interacting with vulnerability scoring frameworks;
- Ability to operate with minimal supervision on day-to-day execution, reliably completing complex scripting and integration tasks;
- Upper-intermediate English level.
Nice to haves
- Hands-on experience with specific CNAPP or ASPM platforms (e.g., Wiz);
- Basic understanding of application threat modeling.
The benefits of joining us
- Professional growth
Accelerate your professional journey with mentorship, TechTalks, and personalized growth roadmaps
- Competitive compensation
We match your ever-growing skills, talent, and contributions with competitive USD-based compensation and budgets for education, fitness, and team activities
- A selection of exciting projects
Join projects with modern solutions development and top-tier clients that include Fortune 500 enterprises and leading product brands
- Flextime
Tailor your schedule for an optimal work-life balance, with the option of working from home or going to the office, whichever makes you happiest and most productive.
Meet Our Recruitment Process
Asynchronous stage – An automated, self-paced track that helps us move faster and give you quicker feedback:
- Short online form to confirm basic requirements
- 30–60 minute skills assessment via Codility – a platform founded in Poland that helps us provide quicker feedback and streamline this stage of the process.
- 5-minute introduction video
Synchronous stage – Live interviews
- Technical interview with our engineering team (scheduled at your convenience)
- Final interview with your future teammates
If it’s a match — you’ll get an offer!