Senior Application Security Engineer

7+ years in information security and 3+ years in software development.

Deep understanding of enterprise and cloud-native architectures and their secure design.

Expertise in network and web protocols (TCP/IP, TLS, HTTPS, OAuth 2.0, OpenID Connect) and common attack vectors.

Proven expertise in guiding security development and code evaluations and providing actionable, risk-based recommendations.

Experience integrating SAST, DAST, and dependency scanning into CI/CD pipelines.

Familiar with Agile, DevOps, and modern delivery practices.

Lead security initiatives across the SDLC and improve development practices through scalable automation.

Conduct and guide threat modeling and security requirements early in design phases.

Partner with developers, architects, and product managers to align business goals with security needs.

Lead security architecture and code reviews for distributed systems.

Perform hands-on testing to identify risks and drive remediation with vulnerability and incident response teams.

Advance the Product Security strategy through multi-functional initiatives and cultural influence.