Application Security Engineer

This is a fully remote position, open to applicants in Brazil.

📋 Description

• Governance and Traffic Oversight: Take ownership of the Cloudflare infrastructure. Analyze traffic trends to detect threats (DDoS, credential stuffing, scraping) and deploy real-time defenses.

• Vulnerability Management (Intigriti): Oversee our third-party researcher initiative. Assess and confirm reports, ensuring timely recognition of the first reporter and prompt implementation of countermeasures at the source.

• Proactive Offensive Strategy & Internal Penetration Testing: Actively discover vulnerabilities within our systems. Develop and conduct focused internal penetration tests.

• Security of Applications & Dependencies: Track and address vulnerabilities within application dependencies and frameworks.

• Incident Management & Global Coordination: Communicate effectively and clearly under pressure. Collaborate across time zones with SRE, Support, and Product teams.

⛳️ Requirements

• Proven experience with Cloudflare on a large scale (WAF, Workers, rate limiting, bot management)

• Proficient in AWS security tools (e.g., GuardDuty, IAM analysis, CloudTrail)

• Understanding of dependency and supply chain security protocols

• Knowledgeable about bug bounty platforms (e.g., Intigriti, HackerOne)

• Familiarity with vendor-approved security scanning tools and their integration into workflows (e.g., SAST, DAST, dependency scanning)

• Experience with compliance automation solutions (e.g., Vanta, Drata)

• Compliance Knowledge: Familiarity with PCI DSS or SOC II frameworks. You can effectively translate technical security measures into audit-ready documentation.

🏝️ Benefits

• Fully remote work from the comfort of your home

• Eligibility for employee equity plan (stock options)

• Reimbursement package for home office expenses and professional development, up to $1.5k

• Generous time-off policy of 21 days (including your birthday 🎉), 8 holidays of your choice, and 2 paid volunteer days

• Wellness program offering fitness and mindfulness classes

• Be passionate about your work and our mission to support nonprofits!