Senior Security Engineer I, Application Security

This is a fully remote position, open to applicants in India.

📋 Description

• Serve as a technical visionary, bridging the divide between strong defense mechanisms and swift innovation.

• Create, prompt-engineer, and implement automated workflows for security reviews.

• Spearhead secure design evaluations and advanced threat modeling for intricate payment systems and AI-integrated applications.

• Collaborate regularly with various engineering teams to pinpoint and resolve security vulnerabilities.

• Supervise comprehensive technical reviews, extending beyond basic scans to include source code audits and live application testing on high-risk features.

• Contribute to and take ownership of the automated security controls we are developing.

• Offer hands-on remediation advice and mentor junior security or software engineers.

⛳️ Requirements

• Over 5 years of experience in Application Security.

• Demonstrated expertise in conducting web application penetration tests and vulnerability research.

• Proficient in source code auditing, product evaluations, and collaboration with product teams.

• Experience in developing security tools.

• Automation First: A strong enthusiasm for replacing manual, repetitive tasks with intelligent, automated scripts and AI workflows.

• Proven capability to utilize tools like Claude for security-specific tasks such as code summarization, vulnerability detection, and automated fix generation.

• Extensive practical knowledge of defending against Prompt Injection, Insecure Output Handling, and Model Inversion.

• Familiarity with Python, Ruby on Rails, Java, and modern web development (JavaScript, Node.js, etc.).

• Solid knowledge of AWS or comparable cloud environments, containerization (Docker), and the construction/maintenance of GitLab CI pipelines.

• Advanced experience with SAST, DAST, and SCA tools.

• Profound understanding of applied cryptography, OAuth2, SAML, and SSO implementations.

• Ability to convey complex AI-generated findings into actionable business risks for stakeholders.

• Empathy-Driven Security: A collaborative approach that treats developers and product teams as partners, emphasizing enablement over friction.

🏝️ Benefits

• Competitive compensation.

• Employee Stock Purchase Plan (ESPP).

• Flying Start - Our immersive Global Induction Program (Meet our Execs & Global Teams).

• Wellbeing Programs (Mental Health, Wellness, Yoga/Pilates/HIIT Classes) with Global FlyMates.

• Generous time off including FlyBetter Days for volunteering in causes you care about and Digital Disconnect Days!

• Excellent Talent & Development Programs (Managers Taking Flight – for new or aspiring managers!).