2,614 Open roles
98 Companies
54 Posted today
Jobs / BrainRocket / Application Security Engineer
Posted 2026-05-20

Application Security Engineer

Description

We invite a Senior Application Security Engineer to join our team remotely. This will be a Service Agreement. We do not assist with visa sponsorship.

Responsibilities
  • Demonstrated ability to collaborate with other teams to achieve complex objectives.
  • Responsible for security architecture design from cloud infrastructure to application through the implementation of "secure by design" principles.
  • Collaborate with product managers, architects, and developers on the implementation of the security controls platform ecosystem and products.
  • Proof security implementations within infrastructure and application deployment manifests and the CI/CD pipelines.
  • Define required policies, controls, and capabilities for the protection of products and environments.
  • Build and validate declarative threat models automation.
  • Participate in engineering teams’ product planning cycles and committees.
  • Oversee the product security aspects for migration of products and services from Data Center to public cloud, e.g., AWS.
  • Serve as a trusted cyber security advisor to product and application teams.
Requirements
  • Experience integrating security scanning/tooling into the development pipeline.
  • Experience in analysing and securing microservices and applications developed using JavaScript and Typescript.
  • Experience with CI/CD pipelines (such as Gitlab, Jenkins) and infrastructure-as-a-code models (such as Terraform, Helm, or CloudFormation).
  • Hands-on development experience in Python/shell scripting.
  • Strong understanding of supply chain security, software integrity, and secure software delivery.
  • Experience with Docker and mesh technologies (such as ISTIO).
  • Experience with architecture and security reviews, threat modelling, and application risk is highly desired.
  • Experience working with Agile methodologies.
  • Knowledge of privacy laws and regulations, such as GDPR desired.
  • Familiarity with industry regulations, frameworks, and practices. For example, PCI, ISO 27001, NIST, etc.
  • In-depth experience with architecting secure services on Kubernetes.
  • Extensive experience with architecting secure services on AWS or on-prem data centers.
  • Security-related professional certifications e.g., CISSP, CISM, CCSK, CCSP, CEH, are highly desirable.
Benefits
  • 20 vacation days annually.
  • 6 sick days without a medical certificate.
  • Corporate events: international parties, team buildings, activities.
  • Career growth opportunities in a fast-growing company.