Principal Application Security Engineer, Product Security

This is a fully remote position, open to applicants in Latin America.

📋 Description

• Oversee and enhance product security evaluations across various engineering teams and services, which includes code reviews, threat modeling, and dynamic/static analysis.

• Develop standardized patterns and reusable methods to enhance consistency and coverage.

• Act as a security advisor for product architects and engineers.

• Direct threat modeling initiatives, evaluate technical risks, and advocate for security best practices throughout the Software Development Life Cycle (SDLC).

• Manage high-impact security initiatives that influence the future security stance of the client's products.

• Utilize available tools to investigate security incidents, determine root causes, and craft effective remediation plans.

• Create frameworks, guidance, and tools that enable engineering teams to independently construct secure systems.

• Function as a mentor and subject matter expert across various teams.

⛳️ Requirements

• A minimum of 5 years of experience in application or product security.

• A strong background in software engineering and secure system design.

• Technical expertise in at least one modern programming language (C#, Java, or Python).

• Familiarity with secure CI/CD practices and software supply chain security.

• Expertise in cloud security within Azure and/or AWS, encompassing IAM, containerization, networking, and native security controls.

• Capability to analyze complex distributed and microservices architectures.

• Outstanding communication skills — able to convey risks and trade-offs to both technical and non-technical stakeholders.

• Experience with SAST/DAST tools, the Atlassian suite, and penetration testing tools like Burp Suite and sqlmap.

• Proficient in conducting black-box and grey-box testing for web applications and APIs.

🏝️ Benefits

• Discover 100,000+ Remote Jobs!