Senior Application Security Engineer

Summary

Join Docplanner as an Application Security Engineer and play a crucial role in safeguarding our software products. Collaborate with development teams, share your expertise, and design robust security frameworks. Enjoy autonomy to set goals and work with cutting-edge technologies while contributing to a secure environment. Ensure the security and integrity of our software products by identifying and mitigating vulnerabilities and providing guidance on best security practices. Help build a secure SDLC, research and configure security tooling, define security guidelines, and consult on new products. Develop a vulnerability management system and foster a culture of security within the organization. Work remotely or hybrid with a hub in Barcelona, enjoying flexible hours and a comprehensive benefits package.

Requirements

• Relevant professional experience
• Strong knowledge of application security, secure coding practices, and common risks and vulnerabilities
• Experience working as a partner with Product and Development teams
• Being able to automate routine tasks, enhance existing solution (preferably, knowledge of Python)
• Experience working with cloud native and containerized environments (AWS/Azure, Docker, Kubernetes), knowledge of common security practices and testing approaches
• Strong hands-on skills with testing and securing server-side and client-side apps
• Experience working with common security certifications and supporting the GRC team. Experience with ISO 2700X, NIST, C5, SOC2, PSI-DSS is a plus
• Communication excellence
• Good communication skills and experience in working with distributed product and development teams, to identify and implement improvements to processes and procedures
• Experience working in a fast scaling digital company
• You understand the environment of a global organization scaling at pace
• Mindset of building for scale with a data-driven approach
• Strong Project Management Skills
• Ability to set up goals and priorities for yourself and your peers, to plan and organize work using project management tools like Jira

Responsibilities

• Collaborating with our development teams to build a secure SDLC that integrates security at every stage of the software development process
• Researching and configuring security tooling to provide comprehensive security coverage
• Defining security guidelines for our applications to ensure that every product we release is protected against any potential attacks
• Consulting on new products, which may include pen-testing, threat modeling, or designing secure solutions, to ensure that they meet our high standards of security
• Developing a vulnerability management system that identifies and mitigates potential threats before they reach production
• Helping developers to understand security concepts and practices to foster a culture of security within our organization

Preferred Qualifications

• SDE background is a plus
• Testing and securing AI-based projects (LLM, RAG, diffusion models, fine-tuning pipelines, prompt injection, model extraction, data poisoning) is a plus
• Experience with .NET, PHP, and Javascript environments is a plus

Benefits

• A salary adequate to your experience and skills
• Flexible remuneration and benefits system via Flexoh , which includes: restaurant card, transportation card, kindergarten, and training tax savings
• Share options plan after 6 months of working with us
• Remote or hybrid work model with our hub in Barcelona
• Flexible working hours (fully flexible, as in most cases you only have to be on a couple of meetings weekly)
• Summer intensive schedule during July and August (work 7 hours, finish earlier)
• 23 paid holidays, with exchangeable local bank holidays
• Additional paid holiday on your birthday or work anniversary (you choose what you want to celebrate)
• Private healthcare plan with Adeslas for you and subsidized for your family (medical and dental)
• Access to hundreds of gyms for a symbolic fee in partnership for you and your family with Andjoy
• Access to iFeel , a technological platform for mental wellness offering online psychological support and counseling
• Free English and Spanish classes