Application Security Engineer (AI)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Application Security Engineer (AI): Building and maintaining secure-by-default architectures for motor insurance platforms with an accent on cloud security, threat modeling, and automated security controls. Focus on proactively identifying vulnerabilities in web and mobile applications, implementing SAST/DAST/SCA pipelines, and fostering a security-first culture across engineering teams.
Location: Must be based in Italy, Spain, or the UK. This is a full remote position with hybrid options available.
Company
is a leading online motor insurance provider that leverages data and technology to deliver high-quality insurance experiences to millions of drivers across Europe.
What you will do
- Define security requirements and design application architectures using a secure-by-default approach.
- Conduct threat modeling, code reviews, and penetration testing on cloud-based web and mobile applications.
- Implement, manage, and automate SAST, DAST, and SCA security controls and WAF rules.
- Partner with product teams to ensure robust protection and promote a security-first development culture.
- Investigate, manage, and resolve security alerts.
- Collaborate on core initiatives within the Security Engineering team.
Requirements
- Must be located in Italy, Spain, or the UK.
- Strong knowledge of web and mobile security vulnerabilities, AI security risks, and industry standards like OWASP Top 10.
- Hands-on experience with threat modeling frameworks, code reviews, and penetration testing.
- Proficiency in scripting or programming languages such as Python or Rust.
- Experience with CI/CD systems and Infrastructure as Code tools like Pulumi.
- Availability for on-call shifts to support 24x7 security monitoring.
Nice to have
- Practical experience with secure AWS design and Kubernetes (EKS) security.
- Hands-on experience with WAF configurations, EDR, SIEM, or SOAR platforms.
- Relevant industry certifications such as OSCP, OSWA/E, or BSCP.
- Active involvement in security research, bug bounty programs, or CTF competitions.
Culture & Benefits
- Full flexibility to work from home, the office, or a mix of both.
- Work from anywhere for up to 30 days per year.
- Private healthcare, gym discounts, and mental health support.
- Access to personalized learning resources, mentorship, and growth plans.
- Collaborative, curiosity-driven engineering environment.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →