
Application Security Engineer
Posted 11 hours ago

Posted 11 hours ago
This is a fully remote position, open to applicants in Mexico.
• Collaborate directly with engineering teams to identify and mitigate application-level security vulnerabilities.
• Implement and sustain AppSec tools (SAST, SCA, code scanning) within CI/CD workflows.
• Perform security design assessments and threat modeling for new features and services.
• Evaluate code to determine real-world risks and provide straightforward, actionable remediation advice.
• Assist in vulnerability management processes, prioritizing based on actual risk levels.
• Clearly document findings, processes, and recommendations for both technical and non-technical audiences.
• Over 5 years of experience in Application Security, Product Security, or DevSecOps, with hands-on collaboration with engineering teams.
• Extensive experience with AppSec tools: SAST, SCA, code scanning, GitHub / GitHub Advanced Security / SonarQube / Dependabot, and CI/CD integration.
• Proficient in reading code, evaluating real risks, and driving effective remediation strategies.
• Knowledge of SSDLC / shift-left practices: threat modeling, security design assessments, and vulnerability management.
• Strong understanding of application and API security principles: authN/authZ, secrets management, dependencies, injection attacks, and data protection.
• Familiarity with cloud-native delivery methods: containers, Infrastructure as Code (IaC), Git-based workflows, automation, and comprehensive documentation.
• Proficiency in English at an advanced level.
• Desirable skills include IaC scanning, container/image security, software supply chain management, and secrets management. Experience in AWS cloud security and in regulated, audit-sensitive, or event-critical environments is a plus.
• Equity
• Professional development opportunities
• Work-life balance
Rescale
Dijital Team
BetterHelp
Agility Robotics
Get handpicked remote jobs straight to your inbox weekly.