Swapcard

Application Security Engineer

Swapcard

full-time

Posted on:

Location Type: Remote

Location: Remote • 🇵🇹 Portugal

Visit company website
AI Apply
Apply

Job Level

Mid-LevelSenior

About the role

  • Own and manage our Bug Bounty program: triage reports, validate findings, and reproduce PoCs.
  • Collaborate with developers and product owners to propose and support remediation of security issues.
  • Write or review pull requests to fix security vulnerabilities directly in the codebase.
  • Validate results from external pentests and integrate them into the development backlog.
  • Contribute to threat modeling, code review, and security design discussions.
  • Support the Secure Development Lifecycle (SAST, dependency scanning, security automation in CI/CD).
  • Perform lightweight pentesting of new features and releases when needed.
  • Maintain clear documentation to support AppSec processes.
  • Coordinate security communication between Security, Developers, and Product for faster resolution of security tickets.

Requirements

  • Previous experience as a developer (any modern backend/frontend stack).
  • Hands-on security experience through bug bounty programs, CTFs, or pentesting.
  • Solid understanding of common application vulnerabilities (OWASP Top 10, SSRF, IDOR, etc.).
  • Familiarity with SAST/DAST tools (e.g. SonarQube, Snyk, Burp Suite).
  • Experience collaborating with developers and product teams.
  • Strong problem-solving and communication skills with a “find and fix” mindset.
Benefits
  • International team with 40+ nationalities (more on the way!) 🌍
  • Remote-first policy with headquarters in Paris 🗼
  • Thriving startup with career growth opportunities 🪴
  • Open-minded culture that appreciates differences 👽
  • Feedback-driven, supportive & curious team with a DIY mindset 🤔 🛠
  • Generous Paid Time Off to ensure you have time for what matters most ❤️🏡
  • Remote perks designed to optimize your working experience 🎁
  • In-person social gatherings to celebrate our achievements 🏝️
  • 100% of your health insurance contribution paid by Swapcard 🏥
  • Work-from-home budget (one-off contribution for equipment in addition to your initial equipment setup) 🖇️
  • Co-working space budget to support remote work in professional environments 💼
  • Learning budget to help you develop new and existing skills 🤓
  • Mental health care initiatives to support your well-being 🧘

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
bug bountypentestingSASTDASTsecurity automationthreat modelingcode reviewsecurity designapplication vulnerabilitiesOWASP Top 10
Soft skills
problem-solvingcommunicationcollaborationorganizationalinterpersonalfind and fix mindset