Senior Application Security Engineer

DocPlanner
Summary
Join Docplanner as an Application Security Engineer and play a crucial role in safeguarding our software products. Collaborate with development teams, share your expertise, and design robust security frameworks. Enjoy autonomy to set goals and work with cutting-edge technologies while contributing to a secure environment. Ensure the security and integrity of our software products by identifying and mitigating vulnerabilities and providing guidance on best security practices. Help build a secure SDLC, research and configure security tooling, define security guidelines, and consult on new products. Develop a vulnerability management system and foster a culture of security within the organization. Work remotely or hybrid with a hub in Barcelona, enjoying flexible hours and a comprehensive benefits package.
Requirements
- Relevant professional experience
- Strong knowledge of application security, secure coding practices, and common risks and vulnerabilities
- Experience working as a partner with Product and Development teams
- Ability to automate routine tasks and enhance existing solutions (preferably with knowledge of Python)
- Experience working with cloud native and containerized environments (AWS/Azure, Docker, Kubernetes), knowledge of common security practices and testing approaches
- Strong hands-on skills with testing and securing server-side and client-side apps
- Experience working with common security certifications and supporting the GRC team. Experience with ISO 2700X, NIST, C5, SOC2, PCI-DSS is a plus
- Communication excellence
- Good communication skills and experience in working with distributed product and development teams, to identify and implement improvements to processes and procedures
- Experience working in a fast-scaling digital company
- You understand the environment of a global organization scaling at pace
- Mindset of building for scale with a data-driven approach
- Strong Project Management Skills
- Ability to set up goals and priorities for yourself and your peers, to plan and organize work using project management tools like Jira
Responsibilities
- Collaborating with our development teams to build a secure SDLC that integrates security at every stage of the software development process
- Researching and configuring security tooling to provide comprehensive security coverage
- Defining security guidelines for our applications to ensure that every product we release is protected against any potential attacks
- Consulting on new products, which may include pen-testing, threat modeling, or designing secure solutions, to ensure that they meet our high standards of security
- Developing a vulnerability management system that identifies and mitigates potential threats before they reach production
- Helping developers to understand security concepts and practices to foster a culture of security within our organization
Preferred Qualifications
- SDE background is a plus
- Testing and securing AI-based projects (LLM, RAG, diffusion models, fine-tuning pipelines, prompt injection, model extraction, data poisoning) is a plus
- Experience with .NET, PHP, and JavaScript environments is a plus
Benefits
- A salary adequate to your experience and skills
- Flexible remuneration and benefits system via Flexoh, which includes: restaurant card, transportation card, kindergarten, and training tax savings
- Share options plan after 6 months of working with us
- Remote or hybrid work model with our hub in Barcelona
- Flexible working hours (fully flexible, as in most cases you only have to be in a couple of meetings weekly)
- Summer intensive schedule during July and August (work 7 hours, finish earlier)
- 23 paid holidays, with exchangeable local bank holidays
- Additional paid holiday on your birthday or work anniversary (you choose what you want to celebrate)
- Private healthcare plan with Adeslas for you and subsidized for your family (medical and dental)
- Access to hundreds of gyms for a symbolic fee for you and your family, in partnership with Andjoy
- Access to iFeel, a technological platform for mental wellness offering online psychological support and counseling
- Free English and Spanish classes