Job Description
We are looking for a Senior Application Security Engineer to develop AI-enabled secure code scanning and integrate security tooling directly into SDLC and agentic developer workflows within a large-scale financial services environment. You will deploy and tune SAST, DAST, and SCA tools to eliminate noise and deliver high-confidence alerts, provide code-level remediation guidance to Java and Python engineering teams, and leverage LLMs and AI agents to automate vulnerability triage and secure coding pattern adoption.

WHAT YOU WILL DO

- Develop AI-enabled secure code scanning solutions and deliver "Golden Images" to drive secure-from-the-start adoption;

- Continuously tune security scanning tools, including SAST, DAST, and SCA, to reduce noise and provide high-confidence security alerts;

- Enable automated development of secure coding patterns and integrate them into traditional and agentic SDLC workflows;

- Work directly with software engineers using Java and Python to provide code-level remediation guidance;

- Improve application security posture through threat modeling, architecture reviews, and secure development practices;

- Leverage LLMs, AI agents, and automated coding assistants to streamline vulnerability triage and remediation processes;

- Support adoption of modern application security standards across engineering teams.

MUST HAVES

- 5+ years of experience in Application Security, DevSecOps, Security Engineering, or related fields;

- Deep, hands-on expertise deploying and tuning modern application security testing tools, including SAST, DAST, and SCA;

- Ability to work autonomously and mentor Middle 1 engineers;

- Advanced experience with application threat modeling and architecture reviews;

- Experience integrating LLMs, AI agents, or automated coding assistants to streamline vulnerability triage and remediation;

- Strong understanding of secure software development practices and SDLC integration;

- Upper-intermediate English level.

NICE TO HAVES

- Advanced knowledge of Cloud-Native Application Protection Platforms (CNAPP) such as Wiz;

- Deep understanding of advanced vulnerability scoring models, including EPSS and CVSS;

- Experience working with complex data governance, compliance, and security frameworks in highly regulated environments.

PERKS AND BENEFITS

- Professional growth: Accelerate your professional journey with mentorship, TechTalks, and personalized growth roadmaps.

- Competitive compensation: We match your ever-growing skills, talent, and contributions with competitive compensation.

- Exciting projects: Join projects with modern solutions development and top-tier clients, including Fortune 500 enterprises and leading product brands.

- Work-life balance: Flexible work environment designed to support productivity and personal well-being.