Revizto

Senior Application Security Engineer

full-time

Location Type: Remote

Location: Germany

About the role

  • Play a key role in advancing and maturing our application security program by establishing secure development standards and embedding security throughout the entire software development lifecycle (SDLC)
  • Work closely with development, DevOps, and DevSecOps teams to ensure security is integrated from the outset
  • Managing vulnerabilities (keeping stuff patched and secure)
  • Checking open-source code for security issues (OSA / SCA)
  • Doing and improving code security reviews
  • Hardening API security (REST, GraphQL)
  • Doing threat modeling (STRIDE, PASTA, etc.) for new features
  • Launching and running the bug bounty program!
  • Building a "Security Champions" program across the engineering teams
  • Working with external teams on penetration tests
  • Sharing your security knowledge with everyone

Requirements

  • Min. 5 years in AppSec or a similar security role
  • Hands-on with SAST/DAST/IAST/RASP tools—especially Snyk and/or Acunetix
  • Real-world experience with vulnerability management and threat modeling (STRIDE, PASTA)
  • Experience launching or managing a bug bounty program
  • Experience with pentesting or working closely with pentest teams
  • Know your stuff when it comes to OWASP standards (ASVS, WSTG, etc.) and SSDLC principles
  • Good at API security (REST, GraphQL)
  • Can read and understand code in: PHP, JS, Go, C#, and C++ (especially Unity for desktop/mobile)
  • Broad knowledge across application and infrastructure security

Nice to Have

  • Security certs like OSCP, GWEB, CSSLP
  • Experience with Unity / game engine security
  • Familiar with cloud security (AWS, AliCloud)
  • Know how to put security checks into CI/CD pipelines (GitHub Actions)

Benefits

  • Fully Remote
  • High Flexibility
  • Bi-Annual Company Wide Trips