Full-Time Senior Application Security Engineer

Job Type: Permanent (Full Time/Full-Time)

Function: Application Security Engineer

Location: Remote

Experience Required: 5-6 years

Position Overview We seek an Application Security Engineer to join our team and maintain, enhance, and develop security training exercises for our DevSecOps, API Security, Threat Modeling, and other courses. The ideal candidate will combine technical security expertise with the ability to create educational content aligned with our practical, hands-on training approach.

Key Responsibilities

• Fix and troubleshoot existing training exercises when issues arise from tool or environment version upgrades.
• Modernize exercises by upgrading components when tools become outdated, maintaining industry relevance.
• Create new, innovative security exercises demonstrating real-world vulnerabilities using our open source projects.
• Assist our training team in developing new courses aligned with emerging security domains.
• Contribute to our open source security projects with practical, educational components.

Application Security Implementation

• Conduct application security assessments using methodologies taught in our training programs.
• Help clients implement secure coding practices and remediation strategies based on our training principles.
• Support integration of security tools into CI/CD pipelines using techniques from our courses.
• Apply and reinforce the practical DevSecOps methodologies we advocate in our training.

Knowledge Advancement

• Stay current with security trends, adapting our training content to reflect the evolving threat landscape.
• Develop educational materials bridging theory and practice in DevSecOps.
• Support instructors with technical expertise during course delivery.
• Help maintain our position as thought leaders in practical DevSecOps implementation.

Required Qualifications

• Understanding of application security concepts, particularly those covered in our OWASP-aligned curricula.
• Experience with security testing tools featured in our training (e.g., SAST/DAST tools, containers, cloud security).
• Proficiency in programming languages relevant to our courses (Python, Java, JavaScript).
• Knowledge of DevSecOps practices as applied in real-world environments.
• Familiarity with the core domains we teach: DevSecOps, AI Security, API Security, and Threat Modeling.
• Strong troubleshooting abilities to resolve complex training environment issues.

Preferred Qualifications

• Familiarity with our open source projects (DevSecOps Studio, DevSlop, etc.)
• Security certifications relevant to our training domains.
• Experience creating educational content or technical documentation.
• Background in developer education or security training.
• Public speaking or training delivery experience.

Skills

• Strong technical problem-solving abilities
• Clear communication skills for explaining complex security concepts
• Passion for DevSecOps methodologies and security education
• Self-motivated approach to improving training materials
• Collaborative mindset to work effectively with our international team

What is the last date for applying to the job?

Which countries are accepted for this remote job?