Senior Application Security Engineer Remote

Responsibilities

• Implement and manage security technologies such as Web Application Firewalls (WAF), Static/Dynamic/Interactive Application Security Testing tools, and penetration testing platforms
• Collaborate with product managers, designers, and engineers to deliver secure, high-quality software solutions
• Leverage cloud-native, open-source, and commercial tools to advance application security automation and capabilities
• Build detections and dashboards within SIEM tools and assist in incident technical investigations
• Conduct threat modeling to assess potential security risks and recommend mitigations
• Participate in code reviews and provide actionable security feedback to development teams
• Drive security efficiencies to enable the team to focus on advanced security challenges
• Integrate security best practices seamlessly into the development lifecycle
• Identify gaps in application security capabilities and lead initiatives to close those gaps
• Stay informed about the latest threats, vulnerabilities, and mitigation techniques to reduce the attack surface
• Partner with SOC and Incident Response teams to analyze event logs and assess security incidents involving malware, vulnerabilities, and exploits

Requirements

• 3+ years of experience in application security or related fields
• Expertise in detecting, analyzing, and remediating vulnerabilities in web applications, APIs, and mobile applications
• Strong knowledge and experience with secure coding practices for modern software development
• Up-to-date understanding of application security weaknesses in technologies such as web applications, databases, and multi-tier systems
• Familiarity with DevSecOps practices and integrating security into CI/CD pipelines using tools like GitLab or Jenkins
• Background in threat modeling, design reviews, risk analysis, and control design
• Proficiency in at least one programming language (e.g., Java, Python, Ruby) and its associated framework
• Competency in analyzing event and incident logs to assess potential security risks in collaboration with SOC teams
• Expertise in network security, authentication protocols, and authorization mechanisms

Nice to have

• Familiarity with containerized environments and security for cloud-native applications
• Showcase of experience working with security standards such as OWASP, NIST, or ISO 27001
• Understanding of machine learning models and their potential security implications
• Skills in conducting red team/blue team exercises or ethical hacking scenarios
• Capability to perform advanced malware analysis and reverse engineering

We offer

• Connectivity Bonus (15,000 ARS are paid with a salary receipt at the end of each month as a non-wages concept)
• Medicina Prepaga (It covers the collaborator and direct family group)
• Paternity Leave (Two additional days are added to what is established by law, total of 4 days)
• Discounts card
• English Training (English lessons, twice per week)
• Training Program (Access to multiple customized training plans according to the needs of each role within the company)
• Marriage bonus (The company doubles the allowance established by law that ANSES offers)
• Referral Program (Referral bonus is paid when the referral of a collaborator joins the Company)
• External Agreements and Discounts
• Vacations: 14 calendar days a year