KOMOJU

KOMOJU is a global payment gateway that enables merchants worldwide to accept payments on their websites with ease. With a focus on providing a wide range of payment methods in Japan, South Korea, China, and Europe, KOMOJU is the preferred choice for b...

Internet Software & Services

Description

  • Build and maintain the application security program, including policies, procedures, and standards.
  • Conduct risk assessments and implement controls to mitigate application security threats.
  • Manage external penetration testing to support regulatory compliance needs.
  • Implement and operate a Secure Software Development Life Cycle (SSDLC) process.
  • Design and run a DevSecOps program with automated security testing in CI/CD pipelines.
  • Guide development teams on security best practices and secure implementation approaches.
  • Manage the security bug bounty program, including triage, response, and verification of fixes.
  • Promote application security awareness across the organization and foster a secure code culture.
  • Review code and provide guidance on secure coding practices and secure software architecture.
  • Provide training and resources to development teams to improve secure development practices.

Requirements

  • Minimum 3 years of hands-on experience in application security.
  • Strong understanding of security principles and practices.
  • Familiarity with application security frameworks and technologies such as CWE, MITRE, OWASP, and CIS Benchmarks.
  • Previous experience as a developer is highly desirable.
  • Experience with application security assessment tools.
  • Experience with end-to-end vulnerability management, including SAST and DAST.
  • Technical knowledge to assess vulnerability risk and remediation steps.
  • DevSecOps experience, including building security controls into CI/CD pipelines such as GitHub Actions, CircleCI, or GitLab CI/CD.
  • Familiarity with security hardening standards and implementation.
  • Working proficiency in Japanese is helpful but not necessary.
  • Willingness to learn new technologies and collaborate with distributed, multidisciplinary teams.
  • Experience building custom security tooling is a plus.
  • Cybersecurity-related certifications are a plus.
  • Experience across the listed tech stack is relevant, including JavaScript, Ruby, Python, Rust, Ruby on Rails, Vue, PostgreSQL, MySQL, Docker, AWS, GitHub, and DataDog.

Benefits

  • Remote work with office space available for in-person collaboration.
  • 10 days of regular vacation plus 5 additional summer days and 5 additional winter days.
  • Paid birthday holiday.
  • Self-learning allowance budget to support ongoing skill development.
  • Language training for Japanese.
  • Competitive salary and benefits package.
