Application Security Engineer

About This Role

As an Application Security Engineer, you will partner with engineering teams to identify and remediate vulnerabilities, integrate security tooling into CI/CD pipelines, and educate developers on secure coding practices. This role focuses on enabling engineers to build secure code faster for a digital streaming platform.

Responsibilities

• Partner directly with development teams to triage, explain, and remediate security findings
• Conduct lightweight security reviews of code changes, architecture decisions, and new features
• Manage and optimize security tooling such as AWS Security Hub, GitHub security features, and Aikido
• Build and maintain automated security checks in deployment pipelines
• Own the vulnerability lifecycle from discovery through remediation, prioritizing based on business risk
• Create practical secure coding guidelines and run training sessions for developers
• Contribute to security architecture decisions for new products and features
• Stay current on emerging threats and bring relevant insights to the team

Requirements

• 2+ years of experience in software engineering, DevOps, or security
• Solid understanding of web application security fundamentals (OWASP Top 10, common vulnerability classes)
• Hands-on experience with at least one programming language (Python, JavaScript/Node.js, Go, or similar)
• Familiarity with CI/CD pipelines and modern development workflows (GitHub Actions, Helm, etc.)
• Understanding of secure coding practices and common vulnerability patterns
• Genuine curiosity about security
• Strong communication skills
• Collaborative approach
• Growth mindset

Qualifications

• 2+ years of experience in software engineering, DevOps, or security

Nice to Have

• Experience with or strong interest in security tools (SAST, DAST, SCA, or cloud security)
• Familiarity with AWS security services (Security Hub, IAM, GuardDuty)
• Knowledge of container security and Kubernetes

Skills

* Required skills

Benefits