Lead Security Engineer - Application Security

Your Role:

• Embed security across the SDLC by working closely with development, DevOps, and product teams.
• Lead secure architecture/design reviews and perform deep-dive assessments for web and mobile apps.
• Conduct manual and automated vulnerability testing, including penetration tests.
• Promote secure coding and threat modeling through training and best practice guidance.
• Build and automate security tools/workflows, ideally using GenAI.
• Support incident response efforts for application-layer threats, and plan relevant short/long-term remediations

Qualifiers:

• 7+ years in AppSec, with 4+ years in mobile/web security testing and secure code reviews.
• Participation in bug bounty programs, CTFs, or open-source security projects.
• Strong knowledge of OWASP Top 10, SANS 25, and scalable mitigation strategies.
• Skilled in at least one language (e.g., Python, Java, Golang), with experience in building security automation, custom tools, or guardrails.
• Familiarity with WAFs, SIEM/log analytics solutions, and incident response workflows.