Job VC
Application Security Engineer ID71662
Important:
after confirming your application on this platform, you’ll receive an email with the next step: completing your application on our internal site, LaunchPod. So keep an eye on your inbox and don’t miss this step — without it, the process can’t move forward.
Why join us
If you're looking for a place to grow, make an impact, and work with people who care, we'd love to meet you! :)
About the role
We are looking for a
Middle Application Security Engineer
to execute hands-on DevSecOps work across CI/CD pipeline security integration, vulnerability management tooling, and automated hardened baseline deployment within a large-scale financial services security program. You will write Python scripts to integrate SAST, DAST, and SCA gates into CI/CD pipelines, tune scanning tools to reduce false positives, and provide code-level remediation guidance to Java and Python development teams. The role requires 3–5 years of combined software engineering and AppSec experience.
What you will do
Write and maintain the scripts necessary to integrate security gates (SAST, DAST, SCA) seamlessly into the CI/CD pipeline;
Continuously tune and configure existing security scanning tools to eliminate false positives and deliver high-confidence alerts;
Assist in coding and deploying automated hardened baselines and secure coding patterns;
Work directly with product development teams to provide actionable, code-level remediation guidance in Java and Python.
Must haves
3–5 years of commercial experience
blending software engineering and DevSecOps/AppSec;
Solid coding proficiency in
Python
(for automation/scripting), with the ability to comfortably read and navigate
Java
source code;
Working knowledge of modern
CI/CD
orchestration tools and practical experience interacting with vulnerability scoring frameworks;
Ability to operate with minimal supervision on day-to-day execution, reliably completing complex scripting and integration tasks;
Upper-intermediate English level.
Nice to haves
Hands-on experience with specific CNAPP or ASPM platforms (e.g., Wiz);
Basic understanding of application threat modeling.
The benefits of joining us
Professional growth:
Accelerate your professional journey with mentorship, TechTalks, and personalized growth roadmaps
Competitive compensation:
We match your ever-growing skills, talent, and contributions with competitive USD-based compensation and budgets for education, fitness, and team activities
A selection of exciting projects:
Join projects with modern solutions development and top-tier clients that include Fortune 500 enterprises and leading product brands
Flextime:
Tailor your schedule for an optimal work-life balance, by having the options of working from home and going to the office – whatever makes you the happiest and most productive.
Meet Our Recruitment Process
Asynchronous stage
– An automated, self-paced track that helps us move faster and give you quicker feedback:
Short online form to confirm basic requirements
30–60 minute skills assessment via Codility – a platform founded in Poland that helps us provide quicker feedback and streamline this stage of the process.
5-minute introduction video
Synchronous stage
– Live interviews
Technical interview with our engineering team (scheduled at your convenience)
Final interview with your future teammates
If it’s a match — you’ll get an offer!