This position is posted by Jobgether on behalf of a partner company. We are currently looking for an Application Security Engineer in Europe.
This role offers the opportunity to strengthen application security for a fast-growing, innovative platform serving a global audience. You will lead and manage bug bounty programs, perform security testing, and work closely with development and product teams to identify and remediate vulnerabilities. Your contributions will help integrate security into the software development lifecycle, enhance threat detection, and ensure secure, resilient applications. The position blends hands-on security work, collaboration, and mentoring in a fully remote, inclusive environment where autonomy, innovation, and teamwork are highly valued.
Accountabilities
- Own and manage bug bounty programs: triage reports, validate findings, and reproduce proofs of concept (PoCs)
- Collaborate with developers and product owners to propose and support remediation of security issues
- Write or review pull requests to fix security vulnerabilities directly in the codebase
- Validate results from external penetration tests and integrate them into the development backlog
- Contribute to threat modeling, secure code reviews, and security design discussions
- Support the Secure Development Lifecycle (SAST, dependency scanning, and CI/CD security automation)
- Perform lightweight penetration testing of new features and releases when needed
- Maintain clear documentation to support application security processes
- Coordinate communication between Security, Development, and Product teams for faster resolution of security tickets
Requirements
- Previous experience as a developer in a modern backend or frontend stack
- Hands-on security experience through bug bounty programs, CTFs, or penetration testing
- Solid understanding of common application vulnerabilities (e.g., OWASP Top 10, SSRF, IDOR)
- Familiarity with SAST/DAST tools such as SonarQube and Snyk
- Experience collaborating with developers and product teams
- Strong problem-solving and communication skills with a "find and fix" mindset
Bonus Points:
- Experience creating or merging pull requests for security fixes in production code
- Knowledge of secure coding practices in web and API development
- Familiarity with CI/CD and DevOps tools (e.g., Jenkins, GitLab CI, Terraform, Helm)
- Exposure to WAFs, anti-bot solutions, or related application security defenses
- Interest in contributing to security automation and developer enablement
Benefits
- Remote-first work with flexibility to thrive anywhere in Europe
- International, diverse team with inclusive culture
- Generous paid time off to ensure work-life balance
- Health insurance fully covered
- Work-from-home and co-working space budgets to optimize your setup
- Learning and development budget to enhance your skills
- Mental health care initiatives to support well-being
- In-person team gatherings and social events to foster community
- Opportunities for career growth in a fast-growing startup environment
Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching.
When you apply, your profile goes through our AI-powered screening process designed to identify top talent efficiently and fairly.
🔍 Our AI evaluates your CV and LinkedIn profile thoroughly, analyzing your skills, experience, and achievements.
📊 It compares your profile to the job's core requirements and past success factors to determine your match score.
🎯 Based on this analysis, we automatically shortlist the 3 candidates with the highest match to the role.
🧠 When necessary, our human team may perform an additional manual review to ensure no strong profile is missed.
The process is transparent, skills-based, and free of bias — focusing solely on your fit for the role.
Once the shortlist is completed, we share it directly with the company that owns the job opening. The final decision and next steps (such as interviews or additional assessments) are then made by their internal hiring team.
Thank you for your interest!
