Senior Application Security Engineer

CookUnity

πŸ“Remote

Summary

Join CookUnity's Application Security team as a founding member and lead application security efforts. Collaborate with engineering teams to ensure secure application development and vulnerability remediation. Perform security assessments, code reviews, penetration testing, and integrate security testing into CI/CD pipelines. Define and maintain security requirements and best practices. Promote security awareness and provide training to development teams. Respond to security incidents and support remediation efforts. Recommend and implement new security tools and technologies. Work in Agile and DevSecOps environments.

Requirements

  • Bachelor’s degree in Computer Science, Cybersecurity, or related field
  • 6-8+ years of experience in application security, secure coding, and vulnerability assessment
  • Strong development background with hands-on experience in Kotlin, Java, and TypeScript
  • Deep understanding of OWASP Top 10, CWE, and common web and API vulnerabilities
  • Proficient with security testing tools such as Burp Suite, Fortify, Veracode, or similar
  • Experience with secure SDLC, DevSecOps practices, and integrating security into CI/CD pipelines
  • Familiarity with authentication and authorization protocols like OAuth2, OIDC, and SAML
  • Ability to work effectively with development teams, guiding and holding them accountable for timely vulnerability remediation
  • Relevant certifications such as CISSP, CSSLP, OSCP, GWAPT
  • Fluency in English

Responsibilities

  • Lead application security efforts by performing security assessments, code reviews, and penetration testing focused on applications developed in Kotlin, Java, and TypeScript
  • Identify, classify, prioritize, and track remediation of vulnerabilities such as those listed in the OWASP Top 10 and other common weaknesses
  • Use and maintain application security tools such as Burp Suite for dynamic testing, SAST/DAST/IAST tools, and other automated security scanners
  • Collaborate closely with software development teams to enforce secure coding standards and hold Software Engineers accountable for patching vulnerabilities within defined SLAs
  • Integrate security testing and automation into CI/CD pipelines to ensure continuous security validation
  • Define and maintain security requirements and best practices aligned with industry standards such as OWASP, NIST, ISO, PCI DSS, and GDPR
  • Conduct threat modeling, risk assessments, and security design reviews for new and existing applications
  • Promote security awareness and provide training to development teams on secure coding and vulnerability mitigation
  • Respond to security incidents and support remediation efforts
  • Recommend and implement new security tools and technologies to improve application security posture
  • Work in Agile and DevSecOps environments to embed security throughout the software development lifecycle

Preferred Qualifications

  • Knowledge of cloud security (AWS, GCP, Azure) and container security (Docker, Kubernetes) is a plus

Benefits

  • Get paid in USD, Crypto, Euro, ARS. Whatever your choice! We use Deel to make things easier for you!
  • Work remotely: design the life that you want
  • Enjoy 15 business days of vacation each year from the start date
  • 16 fully paid Argentinean holidays
  • Healthcare Benefit: Monthly stipend to use in your preferred healthcare provider
  • 5-year Sabbatical: After 5 years with CookUnity, you get a 4-week paid sabbatical
  • Paid family leave
  • Compassionate Leave: 3-5 days each time the need arises
  • Customize the benefits that suit your needs! Access a range of perks tailored to you, including learning opportunities, wellness memberships, delivery apps, and more through our comprehensive benefit platform
  • Personalized English coach
