Назад
Company hidden
14 часов назад

Application Security Engineer (AI)

Формат работы
remote (только Europe)/hybrid
Тип работы
fulltime
Грейд
middle/senior
Английский
b2
Страна
UK/Spain/Italy
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Application Security Engineer (AI): Building and maintaining secure-by-default architectures for motor insurance platforms with an accent on cloud security, threat modeling, and automated security controls. Focus on proactively identifying vulnerabilities in web and mobile applications, implementing SAST/DAST/SCA pipelines, and fostering a security-first culture across engineering teams.

Location: Must be based in Italy, Spain, or the UK. This is a full remote position with hybrid options available.

Company

hirify.global is a leading online motor insurance provider that leverages data and technology to deliver high-quality insurance experiences to millions of drivers across Europe.

What you will do

  • Define security requirements and design application architectures using a secure-by-default approach.
  • Conduct threat modeling, code reviews, and penetration testing on cloud-based web and mobile applications.
  • Implement, manage, and automate SAST, DAST, and SCA security controls and WAF rules.
  • Partner with product teams to ensure robust protection and promote a security-first development culture.
  • Investigate, manage, and resolve security alerts.
  • Collaborate on core initiatives within the Security Engineering team.

Requirements

  • Must be located in Italy, Spain, or the UK.
  • Strong knowledge of web and mobile security vulnerabilities, AI security risks, and industry standards like OWASP Top 10.
  • Hands-on experience with threat modeling frameworks, code reviews, and penetration testing.
  • Proficiency in scripting or programming languages such as Python or Rust.
  • Experience with CI/CD systems and Infrastructure as Code tools like Pulumi.
  • Availability for on-call shifts to support 24x7 security monitoring.

Nice to have

  • Practical experience with secure AWS design and Kubernetes (EKS) security.
  • Hands-on experience with WAF configurations, EDR, SIEM, or SOAR platforms.
  • Relevant industry certifications such as OSCP, OSWA/E, or BSCP.
  • Active involvement in security research, bug bounty programs, or CTF competitions.

Culture & Benefits

  • Full flexibility to work from home, the office, or a mix of both.
  • Work from anywhere for up to 30 days per year.
  • Private healthcare, gym discounts, and mental health support.
  • Access to personalized learning resources, mentorship, and growth plans.
  • Collaborative, curiosity-driven engineering environment.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →