RemoteLeaf Logo
Log in Sign up

Application Security Engineer

3 hours, 10 minutes ago
United States, United Kingdom, Poland, Portugal, Spain, South Africa
Full-time
Senior
Application Security Engineer
Cybersecurity
Blockchain CI/CD Cloudflare GraphQL JavaScript Penetration Testing REST API TypeScript
Apply Now
MoonPay

MoonPay

MoonPay is a specialist provider and operator of multiple, alternative digital payment technologies and infrastructure. They offer a total solution for payment requirements, including card issuing, program management, and pay2card services. MoonPay is ...

Diversified Financial Services
251-1K
Founded 2018
$1050M raised
View All Jobs 12

Description

  • Conduct threat modelling reviews of technical design documents for new and existing features and provide actionable security recommendations.
  • Perform application security assessments, including penetration testing, vulnerability assessments, and proof-of-concept development when needed.
  • Investigate, triage, validate, and respond to Bug Bounty submissions and coordinate remediation with engineering teams.
  • Own and improve application-layer protections, including managing and tuning Cloudflare WAF and related controls.
  • Partner with engineering teams to embed security best practices throughout the SDLC from design through deployment and maintenance.
  • Research emerging threats and vulnerabilities and translate findings into practical mitigation strategies.
  • Develop and deliver security guidance, training, and awareness for engineering teams.
  • Contribute to the creation, maintenance, and evolution of security standards, processes, and documentation.
  • Participate in and eventually lead incident response activities, including investigation, containment, remediation, and post-incident improvements.

Requirements

  • Experience across multiple security domains, including web and mobile application security, infrastructure security, and cloud security.
  • Hands-on experience with white-box, source code-assisted web and mobile application penetration testing.
  • Ability to read, understand, and review source code to identify security issues, ideally in JavaScript and TypeScript codebases.
  • Strong understanding of threat modelling principles and their application to the secure SDLC.
  • Experience working with web application firewalls to assess coverage and tune rules against common attack patterns.
  • Experience embedding application security practices into CI/CD pipelines.
  • Ability to clearly communicate security findings, attack paths, and mitigations to both technical and non-technical audiences.
  • Self-motivated, proactive, and comfortable taking ownership in a remote working environment.
  • Nice-to-have experience with GraphQL and REST API security testing, including common attack vectors and security considerations.
  • Nice-to-have experience or strong interest in Web3 security testing, including smart contracts, blockchain-based applications, or Web3 integrations.
  • Nice-to-have experience with Cloudflare hosting and WAF capabilities.
  • Nice-to-have involvement in the security community through open source, CTFs, meetups, or conferences.
  • Nice-to-have experience launching products in FinTech, SaaS, or Crypto.
  • Nice-to-have certifications such as OSCP or OSWE.

Benefits

  • Competitive salary package.
  • Equity package with employee ownership at MoonPay.
  • Pay-for-performance equity bonus.
  • Moonshot award with a $250,000 equity grant for exceptional impact.
  • Unlimited holidays.
  • Remote-first working options, with the choice to work fully remotely or from a Moonbase.
  • Private healthcare benefits.
  • Enhanced parental leave.
  • Annual training budget.
  • Home office setup allowance.
  • Remote working allowance for fully remote employees.
  • Monthly product budget and zero-fee crypto transactions.
  • Employee referral programme with a 10K USDC referral reward.
  • Regular remote company offsites and in-person sessions.
  • Opportunity to work in a disruptive, fast-growing company where excellence is rewarded.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Canary

Senior Application Security Engineer

Canary 11-50 Internet Software & Services

Canary Technologies is hiring a Senior Application Security Engineer to embed security into its fully remote engineering organization and help secure and scale its hospitality software platform.

United States Full-time Senior Application Security Engineer
AWS Burp Suite CI/CD Encryption GitHub Actions GitOps Go Helm JavaScript Kubernetes Penetration Testing Python Secrets Management SonarQube Terraform WAF
25 minutes ago
Pennylane

Senior Application Security Engineer

Pennylane 251-1K Diversified Financial Services

Pennylane is hiring a Senior Application Security Engineer to safeguard its web application, cloud infrastructure, and development practices while supporting compliance and security awareness across a fast-growing remote fintech team.

United Kingdom Croatia France Germany Greece Ireland Italy Poland Portugal Romania Spain Full-time Senior Application Security Engineer
AWS CI/CD JavaScript Kubernetes Penetration Testing Python React Ruby Ruby on Rails
1 hour, 10 minutes ago
Spotify

Security Engineer - Product Security

Spotify Media

Spotify is hiring a Security Engineer for its Product Security team in London or Stockholm to help secure engineering initiatives, application development, and AI-driven systems at global scale.

United Kingdom Sweden Full-time Senior Application Security Engineer Security Engineer
Agile C++ Encryption Generative AI Java Machine Learning Python Scala TypeScript
1 hour, 40 minutes ago
Magnet Forensics

Vulnerability Researcher

Magnet Forensics 251-1K Internet Software & Services

Magnet Forensics is hiring a U.S.-based, remote Vulnerability Researcher to support digital investigative software used to analyze evidence from computers, smartphones, tablets, and IoT devices.

United States Full-time Mid Level Application Security Engineer
$150k-$200k
IoT
2 hours, 40 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers