Application Security Engineer

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an Application Security Engineer based in Germany.

Join a high-impact security engineering environment where you will play a key role in protecting and strengthening large-scale cloud-native applications that power next-generation AI infrastructure. In this role, you will work at the intersection of software engineering and cybersecurity, ensuring that applications are designed, built, and maintained with security at their core. You will collaborate closely with development teams to integrate security practices throughout the software development lifecycle, identify and remediate vulnerabilities, and improve the overall security posture of complex distributed systems. This position offers the opportunity to work with modern technologies, advanced cloud environments, and cutting-edge AI platforms while influencing how security is embedded into engineering practices at scale. It is ideal for a hands-on security professional who enjoys deep technical work, proactive risk identification, and cross-functional collaboration in a fast-paced engineering culture.

• Identify, analyze, and remediate application security vulnerabilities using modern application security posture management (ASPM) tools and related security technologies.
• Build, maintain, and enhance ASPM tools, rules, and automation to strengthen application security across engineering teams.
• Integrate security best practices into the software development lifecycle (SDLC) in close collaboration with development and platform engineering teams.
• Conduct manual and automated penetration testing to identify weaknesses in applications and supporting infrastructure.
• Lead threat modeling sessions and risk assessments for both new and existing applications to proactively address security risks.
• Develop, maintain, and promote secure coding standards and guidelines for engineering teams.
• Serve as a subject matter expert in application security, providing guidance and support to internal teams across the organization.
• Stay up to date with emerging security threats, vulnerabilities, attack techniques, and mitigation strategies.
• Contribute to the continuous improvement of security engineering processes, automation, and tooling.

Requirements

• Minimum of 4 years of experience in application security, secure software development, or related cybersecurity engineering roles.
• Strong understanding of application security risks, including OWASP Top 10 and common web and system vulnerabilities.
• Hands-on experience with secure coding practices in languages such as Python, Go, Java, or JavaScript.
• Proficiency in at least one programming language (e.g., Go or Python) with willingness to learn additional technologies.
• Practical experience with security testing tools such as Burp Suite, OWASP ZAP, Semgrep, or equivalent solutions.
• Experience conducting threat modeling exercises and security risk assessments.
• Solid understanding of authentication and authorization protocols such as SAML, OAuth, or OIDC.
• Strong analytical thinking and problem-solving skills with attention to detail in complex systems.
• Excellent communication skills in English, with the ability to explain technical security concepts to engineering teams.
• Ability to work independently while collaborating effectively in distributed and fast-paced environments.
• A proactive mindset and willingness to continuously learn and adapt to new security challenges.
• Security certifications such as OSCP or OSWE are considered a strong advantage.
• Experience with security automation, compliance translation, or exploitation of complex systems is a plus.

Benefits

• Competitive compensation package aligned with experience, skills, and location.
• Opportunity to work on large-scale, high-impact AI and cloud infrastructure projects.
• Flexible, remote-friendly working environment with strong autonomy and ownership.
• Career growth opportunities in a highly technical and fast-evolving security domain.
• Exposure to cutting-edge technologies in cloud computing, AI platforms, and distributed systems.
• Collaborative and innovative engineering culture focused on trust, learning, and impact.
• International environment working with highly skilled engineering and security teams.
• Inclusive workplace with equal opportunity policies and strong support for diversity.