FloSports

Application Security Engineer

FloSports

full-time

Posted on:

Location Type: Hybrid

Location: AustinTexasUnited States

Visit company website

Explore more

AI Apply
Apply

Tech Stack

AWSCloudGoJavaScriptKubernetesNode.jsPython

About the role

  • Partner with Engineering on Security
  • Work directly with development teams to triage, explain, and remediate security findings
  • Conduct lightweight security reviews of code changes, architecture decisions, and new features
  • Be a trusted resource that engineers actually want to consult—not a blocker they work around
  • Integrate Security into CI/CD
  • Manage and optimize our security tooling: AWS Security Hub, GitHub security features, and Aikido
  • Build and maintain automated security checks in our deployment pipelines
  • Reduce noise by tuning tools to surface real risks, not false positives
  • Drive Vulnerability Management
  • Own the vulnerability lifecycle from discovery through remediation
  • Prioritize findings based on actual risk to the business, not just CVSS scores
  • Track metrics and report on security posture to leadership
  • Build Security Knowledge Across Engineering
  • Create practical secure coding guidelines that developers will actually use
  • Run lightweight training sessions and lunch-and-learns on common vulnerability patterns
  • Document security patterns and anti-patterns specific to our stack
  • Grow Our AppSec Practice
  • Help establish application security processes as we scale
  • Contribute to security architecture decisions for new products and features
  • Stay current on emerging threats and bring relevant insights to the team

Requirements

  • 2+ years of experience in software engineering, DevOps, or security
  • Solid understanding of web application security fundamentals (OWASP Top 10, common vulnerability classes)
  • Hands-on experience with at least one programming language (Python, JavaScript/Node.js, Go, or similar)
  • Familiarity with CI/CD pipelines and modern development workflows (GitHub Actions, Helm, etc.)
  • Understanding of secure coding practices and common vulnerability patterns
  • Experience with or strong interest in security tools (SAST, DAST, SCA, or cloud security)
  • Familiarity with AWS security services (Security Hub, IAM, GuardDuty) is a plus
  • Knowledge of container security and Kubernetes is a plus
  • Genuine curiosity about security—you enjoy understanding how things break
  • Strong communication skills—you can explain security concepts to developers without being condescending
  • Collaborative approach—you see yourself as a partner to engineering, not a gatekeeper
  • Growth mindset—you're eager to learn and develop your AppSec expertise
Benefits
  • Recognized three years in a row as a Top Workplace by the Austin-American Statesman
  • Flexibility at work - you can take control of your profession and personal schedule
  • All-hands events hosted annually in beautiful Austin, Texas
  • Annual equity awards for all top performers
  • Competitive and comprehensive medical, dental and vision plans
  • Peace of mind through company-paid short-term disability, long-term disability and life insurance
  • Generous 401(K) company match vested immediately
  • Progressive parental leave policies
  • Flexible paid time off
  • Hack-a-thons and a full calendar of team-building and social events
  • Company donation to youth teams and leagues that our employees coach
  • Stocked snack bar, catered lunch and breakfast tacos every week
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
web application securitysecure coding practicesvulnerability managementprogramming languagesCI/CD pipelinessecurity architecturecontainer securityKubernetesSASTDAST
Soft Skills
strong communicationcollaborative approachgrowth mindsettrusted resourcetraining and mentoringcuriosity about securityability to explain conceptspartnership with engineeringproblem-solvingadaptability