Prolific

Prolific is a platform that enables researchers to quickly find trustworthy research participants. With a pool of over 120,000 active and verified participants, Prolific ensures high-quality responses through continuous monitoring and engagement. The p...

Professional Services
51-250
Founded 1997
$0M raised

Description

  • Serve as the technical authority for application security across Prolific’s engineering organization.
  • Perform hands-on security testing and code review to identify and remediate vulnerabilities in web applications and APIs.
  • Lead threat modelling sessions for new features and high-risk systems.
  • Build, automate, and maintain security tooling for detection, testing, and remediation workflows.
  • Implement and tune SAST, SCA, DAST, and secret scanning in CI/CD pipelines.
  • Partner with product engineering, platform, data, and TechOps teams to embed secure development practices across the SDLC.
  • Run penetration tests and improve detection coverage for emerging threats.
  • Explain security issues clearly to engineering teams and drive remediation efforts.
  • Stay ahead of modern attack paths and security risks affecting participant data, credentials, payment flows, and API integrations.

Requirements

  • Several years of experience in application security, product security, or security engineering.
  • Strong knowledge of OWASP Top 10 for web and API security.
  • Experience with modern attack paths such as authentication flaws, SSRF, injection, business logic abuse, and supply chain attacks.
  • Hands-on security testing experience across web apps and APIs, especially using Burp Suite.
  • Experience working with complex, large-scale systems and modern architectures.
  • Proficiency in Python for security tooling, automation, or custom detection; Django experience is a plus.
  • Experience implementing and tuning SAST, SCA, DAST, and secret scanning in CI/CD.
  • Practical threat modelling experience, including leading lightweight sessions.
  • Strong collaboration and communication skills with the ability to drive remediation.
  • Experience with Django, Vue.js, MongoDB, or GCP is preferred.
  • Experience with security champions or bug bounty programmes is preferred.
  • Experience with supply chain security, including SCA, SBOMs, and dependency review, is preferred.
  • Experience with IaC security such as Terraform or policy-as-code is preferred.
  • Hands-on certifications such as OSCP, GWAPT, or BSCP are preferred.
  • Experience helping build security practices in scaling environments is preferred.

Benefits

  • Competitive salary.
  • Benefits package.
  • Remote working.
  • Mission-driven culture.
  • Access to a unique human data platform and opportunities for groundbreaking research.


