Apply for jobs

Application Security Engineer

  • Closed
  • US Company | Medium (51-250 employees)
  • LATAM (100% remote)
  • 3+ years
  • Long-term (40h)
  • Finance
  • Full Remote
Apply now

Required skills

  • OWASP
  • TypeScript
  • Node.js
  • React.js
  • C#
  • JavaScript
  • .NET Framework

Requirements

Must-haves

  • 3+ years of software development experience
  • Experience remediating security vulnerabilities in production environments
  • Strong knowledge of the OWASP Top 10 and application security standards
  • Direct coding and remediation experience with .NET (C#)
  • Direct coding and remediation experience with TypeScript and JavaScript (Node.js, React, etc.)
  • Deep understanding of web application security, common vulnerabilities, and secure coding practices
  • Experience in analyzing and prioritizing vulnerabilities from SAST, DAST, SCA tools, and penetration tests
  • Familiarity with Identity and Access Management (IAM) principles and best practices
  • Ability to collaborate effectively with development teams and communicate technical risks clearly
  • Strong communication skills in both spoken and written English

Nice-to-haves

  • Startup experience
  • Experience with microservices and API security design
  • Familiarity with containerized environments and cloud security (AWS, GCP, Azure)
  • Bachelor’s Degree in Computer Engineering, Computer Science, or equivalent

What you will work on

  • Perform hands-on remediation of vulnerabilities across .NET, TypeScript, and JavaScript codebases
  • Analyze and triage vulnerability reports from tools (SNYK, Codacy, penetration testing) to prioritize remediation efforts
  • Conduct security code reviews (SAST) and dynamic testing (DAST) to identify and mitigate risks before release
  • Provide in-code guidance to developers on secure coding practices and threat mitigation
  • Ensure application-level security aligns with OWASP Top 10 and other relevant standards
  • Assist in documenting secure coding standards and reusable remediation patterns
  • Collaborate with development teams to integrate remediation work into the SDLC and sprint cycles
  • Communicate security risks clearly to stakeholders and ensure timely, effective fixes
  • Serve as a technical liaison for external penetration testing teams and support vulnerability validation and resolution
  • Act as a hands-on, collaborative security partner to the engineering organization
Apply now

Other jobs you might like

  • Lead Full-stack Engineer

    • LATAM (100% Remote)
    • US Company | 11-50 employees
    • 7+ years of exp.
    • Long-term (40h)

  • Full-stack Engineer

    • LATAM (100% Remote)
    • US Company | 51-250 employees
    • 5+ years of exp.
    • Long-term (40h)

Get matched with the best remote opportunities from today's top US companies

Find great opportunities

Earn more compensation for your hard work

Access exclusive benefits like healthcare, English classes, and more

1-1 individualized training to succeed in the international job market

Sign up