Appen

Staff Engineer, Application Security

Appen

full-time

Posted on:

Origin:  • 🇮🇳 India

Visit company website
AI Apply
Apply

Job Level

Lead

Tech Stack

AWSCloudJavaKubernetesPythonReactSpring

About the role

  • Lead the design and implementation of application security architecture across our SaaS platforms.
  • Conduct security assessments, threat modelling, and code reviews to identify and mitigate vulnerabilities.
  • Perform technical security assessments and reviews, research, uncover, and reproduce vulnerabilities, design secure protocols and systems, and write tests and fuzzers to drive architecture changes
  • Collaborate with Engineering and Platform teams to integrate security best practices into the CI/CD pipeline.
  • Perform penetration testing, security audits, and vulnerability assessments.
  • Develop and maintain secure coding standards, guidelines, and training programs for engineering teams.
  • Implement and manage security tools such as SAST, DAST, and other security automation solutions.
  • Stay up to date with emerging security threats, technologies, and industry best practices.
  • Respond to security incidents and work with incident response teams to investigate and remediate issues.
  • Mentor and guide junior security engineers, fostering a culture of security awareness and continuous improvement.
  • Review, develop and document secure operational best practices, and provide security guidance for engineers and various internal and external partners
  • Develop and manage a secure software development lifecycle
  • Research, recommend, and develop security tools and technologies to strengthen defenses against emerging threats and vulnerabilities

Requirements

  • Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
  • 8+ years of experience in Application Security, including secure software development and architecture.
  • Strong knowledge of secure coding practices, OWASP Top 10, and common application vulnerabilities.
  • Hands-on experience with security tools such as Snyk, SonarCloud, Burp Suite, Nessus, and others.
  • Threat detection and incident response: familiar with security incidents, ability to develop proactive strategies to mitigate risks through close collaboration with teams.
  • Familiarity with cloud security principles, preferably in AWS environments.
  • Experience with CI/CD pipelines and integrating security into DevOps workflows (DevSecOps).
  • Strong scripting and automation skills (e.g., Python, Bash, or similar).
  • Excellent problem-solving skills and the ability to think like an attacker.
  • Relevant certifications such as CISSP, OSCP, CEH, or similar are highly desirable.
  • Relevant work experience in offensive security, penetration testing or red teaming
Moveworks

Software Engineer, DevSecOps

Moveworks
Juniorfull-time$160k–$190k / year🇺🇸 United States
Posted: 25 days agoSource: boards.greenhouse.io
AWSAzureCloudDockerKubernetesPythonTerraform
Citi

Lead Information Security Officer

Citi
Seniorfull-time$141k–$212k / yearFlorida · 🇺🇸 United States
Posted: 9 days agoSource: citi.wd5.myworkdayjobs.com
AWSAzureCloudCyber SecurityGoGoogle Cloud PlatformJavaJavaScriptJenkinsPython
BeyondTrust

Senior Product Security Engineer

BeyondTrust
Seniorfull-time🇺🇸 United States
Posted: 6 days agoSource: boards.greenhouse.io
AWSCloudCyber Security
EX Squared LATAM

Full Stack Developer, React/Python

EX Squared LATAM
Mid · Seniorfull-time🇨🇷 Costa Rica
Posted: 3 days agoSource: exsquaredlatam.breezy.hr
AWSCloudDockerJavaScriptKubernetesLinuxPythonReact
EarnIn

Product Security Engineer

EarnIn
Mid · Seniorfull-time$139k–$170k / year🇺🇸 United States
Posted: 7 days agoSource: boards.greenhouse.io
AWSCloudDockerJavaJavaScriptKubernetesPython