Staff Software Engineer - Application Security (SAST, DAST, IAST)

3 Months ago • 7 Years + • Cyber Security

Job Summary

Job Description

The Application Security Engineer will drive a 'Shift-Left' security approach by integrating automated security tooling into developer workflows and CI/CD pipelines. They will ensure early detection and mitigation of vulnerabilities throughout the SDLC, working with product and development teams to ensure secure systems and applications. This role involves educating engineers on security practices, conducting threat modeling, design reviews, code reviews, and addressing application security vulnerabilities. Responsibilities include implementing and managing security testing tools (SAST, DAST, IAST), providing architectural guidance, identifying risks, and performing code reviews. Additionally, the role involves educating engineers about security issues, collaborating with teams to embed security throughout the software lifecycle, and managing a bug bounty program.
Must have:
  • 7+ years of experience in application security
  • Foundational knowledge of operating system security for Linux
  • Experience in risk assessment and vulnerability management
  • Strong programming/scripting skills in Python or similar languages
Good to have:
  • Understanding of usability and buy-in for security policy
  • Love for instrumentation and automation
  • Knowledge of supply chain security (SBOM, sigstore, in-toto)

Job Details

This a a B2B Contract role working on site in Krakow, Poland

Location: Krakow - Hybrid, minimum 3 days a week in the Office

The Application Security Engineer will drive a 'Shift-Left' security approach by integrating automated security tooling into developer workflows and CI/CD pipelines, ensuring early detection and mitigation of vulnerabilities throughout the SDLC. You will work closely with product and development teams to ensure secure systems and applications. You will identify security improvement areas and drive high-impact security initiatives. This role involves educating engineers on security practices, conducting threat modeling, design reviews, code reviews, and addressing application security vulnerabilities.

The Security Operations team at Opendoor focuses on identifying and protecting assets, detecting anomalies and attacks, responding to compromise, and recovering from asset compromise in order to return the business to a steady state. The scope of the Security Operations team includes Application Security, Detection Operations, Incident Response, Infrastructure Security, Penetration Testing, Vulnerability Management, and Threat Intelligence. 

Here’s what you’ll be up to:

  • Champion security design across application code and cloud infrastructure
  • Implement and manage SAST, DAST and IAST tools for automated security testing.
  • Evaluate and deploy security scanning tools (e.g., Snyk, Semgrep, GitHub Advanced Security, CodeQL).
  • Provide architectural guidance and mentorship to up-level the security engineering organization.
  • Identify and prioritize risks, attack surfaces, and vulnerabilities
  • Perform security code reviews and advise developers on remediating vulnerabilities and following secure coding practices.
  • Conduct research to identify new attack vectors
  • Automated cloud security assessment and policy enforcement
  • Educate engineers about common security issues
  • Collaborate with teams to embed security throughout the software lifecycle
  • Triaging vulnerabilities and tracking issues to resolution
  • Manage the bug bounty program

 

We’re looking for someone who has:

  • Bachelor's degree in Computer Science, Information Security, or a related field
  • 7+ years of experience in application security
  • Foundational knowledge of operating system security for Linux and of the CWE Top 25
  • Experience in risk assessment, threat modeling, code reviews, incident response, and vulnerability management.
  • Strong programming/scripting skills in Python, Golang, Ruby or similar languages.

 

Bonus If You Have

  • An understanding of the value of usability and buy-in when it comes to security policy and practices
  • A love of instrumentation and automation
  • Knowledge of supply chain security (SBOM, sigstore, in-toto).
  • Love for security at work and outside of work. As shown by: presenting at a known security conference, contributing to or creating open source security tools, contributing to the security community in general, etc.

 #LI-Hybrid, #LI-AC1

About Opendoor

Founded in 2014, Opendoor’s mission is to power life’s progress one move at a time. We believe the traditional real estate process is broken and our goal is simple: build a digital, end-to-end customer experience that makes buying and selling a home simple and certain. 

  • To learn how we are reinventing the Real Estate industry check out our website
  • Hear about our culture directly from team members by visiting The Muse
  • Discover what we are building for our customers by reading our blog.

Opendoor Values Openness

We believe that being open about who we are and what we do allows us to be better. Individuals seeking employment at Opendoor are considered without regard to race, color, religion, national origin, age, sex, marital status, ancestry, physical or mental disability, veteran status, sexual orientation, gender identity or other protected status under all applicable laws, regulations, and ordinances. We collect, use, and disclose applicant personal information as described in our personnel privacy policies. To learn more, you can find the policy details for California residents here and for Canada residents here.

We’re committed to Diversity, Equity, Inclusion, and Belonging

Opendoor is dedicated to creating an inclusive and collaborative culture. We value the diverse strengths, perspectives, and backgrounds of all our employees, and believe in empowering our teams to do their best work through teamwork and building a sense of belonging and trust. Our four employee-led Opendoor Employee Resource Groups amplify diverse voices and promote collaboration and inclusion. Our focus is on attracting and retaining exceptional talent, and we believe in empowering our employees to continuously innovate and strive for 1% improvement every day. You can find more information on our Career Page.

We are committed to assisting members of the military community in utilizing their skills at Opendoor. U.S. candidates are able to review your military job classification at MyNextMove.org and apply for positions that align with your expertise.

At Opendoor, we are committed to providing reasonable accommodations throughout our recruitment processes for candidates with disabilities, pregnancy, religious beliefs, or other reasons protected by applicable laws. If you require assistance or a reasonable accommodation, please contact us at TAops-accomodations@opendoor.com.

Similar Jobs

PayPal - Sr Lead Product Manager

PayPal

New York, New York, United States (Hybrid)
2 Months ago
Flexra Software - Technical Support Engineer

Flexra Software

Bengaluru, Karnataka, India (Hybrid)
1 Month ago
Roof Stacks - Senior iOS Developer

Roof Stacks

Istanbul, İstanbul, Türkiye (On-Site)
1 Month ago
Tesla - Tesla Advisor

Tesla

Mumbai, Maharashtra, India (On-Site)
6 Months ago
USE Insider - Product Manager, Gen AI

USE Insider

Istanbul, İstanbul, Türkiye (Remote)
1 Month ago
Yodlee - Senior Security Analyst

Yodlee

Berwyn, Pennsylvania, United States (Hybrid)
3 Weeks ago
Anavation - Information System Security Engineer

Anavation

Huntsville, Alabama, United States (On-Site)
1 Month ago
Dream Sports - Senior Security Engineer - Security Operations

Dream Sports

Mumbai, Maharashtra, India (On-Site)
9 Months ago
Patreon - Senior Security Engineer

Patreon

San Francisco, California, United States (Hybrid)
3 Months ago
Globalization Partners - Information Security Analyst - SecOps

Globalization Partners

Poland (Remote)
4 Weeks ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

Ajmera Infotech - Senior QA Engineer – Lead Test Strategy for Life-Critical Software

Ajmera Infotech

Ahmedabad, Gujarat, India (On-Site)
1 Month ago
XFlow - Product Owner

XFlow

(Remote)
6 Months ago
endava - Development Lead Java

endava

Bogotá, Bogota, Colombia (On-Site)
3 Weeks ago
USE Insider - Account Executive - Colombia

USE Insider

Bogota, Colombia (Hybrid)
3 Weeks ago
Oliver Agency - Social Media Content Creator

Oliver Agency

Jakarta, Indonesia (Remote)
1 Month ago
Oliver Agency - Senior Marketing Manager - YouTube Ads Marketing & Industry Advocacy

Oliver Agency

Mumbai, Maharashtra, India (On-Site)
3 Months ago
Nice - Tech Manager

Nice

Pune, Maharashtra, India (Hybrid)
1 Month ago
Apple - System Product Design Engineering Program Manager Lead/Manager

Apple

Sunnyvale, California, United States (On-Site)
1 Month ago
gameexcite - 2D Art Intern

gameexcite

Germany (Hybrid)
3 Months ago
Saronic Technologies - Mission Support Manager

Saronic Technologies

San Diego, California, United States (On-Site)
3 Weeks ago

Get notifed when new similar jobs are uploaded

Jobs in Kraków, Lesser Poland Voivodeship, Poland

Aptive - Associate Scrum Coordinator

Aptive

Kraków, Lesser Poland Voivodeship, Poland (Hybrid)
1 Month ago
PwC - Menedżer/Menedżerka | Transaction Services (Financial Due Diligence)

PwC

Warsaw, Masovian Voivodeship, Poland (On-Site)
9 Months ago
flying wild hog - HR Partner

flying wild hog

Poland (Remote)
4 Months ago
Qloc careers - Video Game Tester Gdansk

Qloc careers

Gdańsk, Pomeranian Voivodeship, Poland (On-Site)
2 Weeks ago
Simcorp - Compliance Counsel (Data Protection)

Simcorp

Warsaw, Masovian Voivodeship, Poland (Hybrid)
3 Months ago
Autodesk - Software QA engineer

Autodesk

Kraków, Lesser Poland Voivodeship, Poland (On-Site)
1 Year ago
plarium - Real-Time VFX Artist

plarium

Warsaw, Masovian Voivodeship, Poland (Remote)
4 Months ago
Playtika - QA Engineer (Operation Team)

Playtika

Poland (Hybrid)
7 Months ago
Papaya Gaming - Talent Acquisition Partner

Papaya Gaming

Warsaw, Masovian Voivodeship, Poland (On-Site)
3 Weeks ago
bombit - Junior Level Designer

bombit

Gdańsk, Pomeranian Voivodeship, Poland (Hybrid)
1 Month ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

bytedance - Backend Software Engineer - Network Security

bytedance

San Jose, California, United States (On-Site)
4 Months ago
bytedance - Software Engineer, Global Payment Privacy & Security

bytedance

San Jose, California, United States (On-Site)
4 Months ago
Glocomms - Senior Cybersecurity Engineer

Glocomms

Boston, Massachusetts, United States (On-Site)
2 Months ago
logifuture - Information Security Engineer

logifuture

Bucharest, Romania (Hybrid)
1 Month ago
Autodesk - Principal Security Engineer, Device Trust

Autodesk

Toronto, Ontario, Canada (On-Site)
2 Months ago
Diligent Corporation - Senior Staff Security Governance & Compliance Analyst

Diligent Corporation

Bengaluru, Karnataka, India (Hybrid)
1 Month ago
Aledade - Senior Security Engineer II - Application Security

Aledade

United States (Remote)
7 Months ago
appier - Security Engineer

appier

Taipei City, Taiwan (On-Site)
1 Month ago
Mozilla - Staff Security Engineer

Mozilla

United States (Remote)
2 Months ago
Anavation - Cyber Security SME

Anavation

Bethesda, Maryland, United States (On-Site)
1 Month ago

Get notifed when new similar jobs are uploaded

About The Company

Nashville, Tennessee, United States (Hybrid)

Chennai, Tamil Nadu, India (Hybrid)

United States (Remote)

Phoenix, Arizona, United States (Remote)

San Francisco, California, United States (Hybrid)

United States (Remote)

Phoenix, Arizona, United States (Hybrid)

San Francisco, California, United States (Hybrid)

View All Jobs

Get notified when new jobs are added by Opendoor

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug