Senior Application Security Engineer

United Kingdom – Remote Full-Time

Job Description

As a Senior Application Security Engineer at Prolific, you will be the technical leader in application security. Your responsibilities include collaborating with engineering teams to identify and remediate vulnerabilities in our codebase. You will also perform security testing, create security tools, and incorporate secure development practices into our software development lifecycle. You will review pull requests, conduct threat modeling for new features, and develop automation solutions to maintain the security of our platform. Reporting to the Head of Engineering/Platform, you will work with product engineering, platform, data, and TechOps teams.

Qualifications

1. Several years of experience in application/product security or security engineering.
2. Strong understanding of OWASP Top 10 (Web & API) and modern attack vectors (e.g., authentication flaws, SSRF, injection, business logic abuse, supply chain attacks).
3. Experience working with complex, large-scale systems and modern architectures.
4. Hands-on security testing experience (specifically using Burp Suite) across web applications and APIs.
5. Proficiency in Python for creating security tools, automation, or custom detection (Django experience is a plus).
6. Experience implementing and fine-tuning SAST, SCA, DAST, and secret scanning within CI/CD pipelines.
7. Practical experience in threat modeling, including facilitating lightweight sessions.
8. Strong collaboration and communication skills, with the ability to clearly explain issues and drive remediation efforts.
9. A builder mindset with a passion for automation.

Benefits

- Competitive salary
- Remote working
- Opportunities for groundbreaking research

