Sr. Application Security Engineer

is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseyas bestinbreed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained strong doubledigit growth over the past several years and is backed by Insight Venture Partners ) a leading global private equity firm investing in highgrowth technology and software companies that drive transformative change in the industries they serve.

Founded in 2000 Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our awardwinning solutions go to and for more information on Kaseyas culture please click here : Kaseya Culture.

Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. We have achieved record levels of success being BOLD being GRITTY being ACCOUNTABLE. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers and the betterment of their careers and longterm financial wealth.

Position Overview

As an Application Security Engineer you will play a key role in ensuring that Kaseyas applications are secure by proactively identifying and mitigating security vulnerabilities within the code. Your primary focus will be to embed security into the development lifecycle ensuring applications are built with security at their core.

You will work closely with development teams to review code implement security best practices and identify vulnerabilities at all stages of development. You will be responsible for assessing code executing security testing and helping to embed secure coding practices across development processes.

Primary Responsibilities

Perform Security Assessments and Code Reviews : Conduct thorough security assessments focusing on identifying and mitigating vulnerabilities in application code. Perform secure code reviews to ensure that applications are secure by design.

Implement Security Best Practices : Develop implement and enforce security guidelines for developers to follow. Ensure that secure coding practices are followed throughout the software development lifecycle (SDLC).

Vulnerability Remediation : Work with development teams to address and resolve identified security vulnerabilities ensuring they are fixed efficiently and properly tested.

Security Testing Integration : Integrate security testing tools (e.g. Static Application Security Testing SAST Dynamic Application Security Testing DAST) into the development pipeline to identify vulnerabilities early in the development process.

Threat Modeling : Work with developers to perform threat modeling identifying potential security risks in the architecture and design of applications.

Continuous Improvement : Continuously research and apply new security techniques tools and methodologies to enhance the organizations application security posture.

Collaboration with Development Teams : Collaborate directly with development teams to ensure that security is integrated into every phase of application development from design to deployment.

Skills & Qualifications

Required

Experience with Vulnerability Assessment Tools : Familiarity with security tools such as SAST DAST and IAST (Interactive Application Security Testing) and experience with scanning and interpreting results to fix vulnerabilities.

Deep Knowledge of Web and Application Security : Strong understanding of common web application vulnerabilities (OWASP Top 10) such as SQL injection crosssite scripting (XSS) and crosssite request forgery (CSRF).

Experience with Threat Modeling : Knowledge of threat modeling frameworks and methodologies to identify potential security risks and mitigate them during development.

Proven ProblemSolving Skills : Ability to identify security flaws within application code and effectively collaborate with developers to resolve them.

Strong Communication Skills : Ability to clearly document security issues report findings and communicate with both technical and nontechnical stakeholders.

Preferred

Familiarity with Security Frameworks and Libraries : Experience working with security libraries and frameworks (e.g. Spring Security OWASP DependencyCheck etc.) to enhance application security.

Understanding of Security Automation : Experience in automating security testing within the CI / CD pipeline to ensure continuous security verification during development.

Cloud Security Knowledge : Experience securing cloudnative applications and familiarity with cloud security platforms (e.g. AWS Azure Google Cloud).

Education & Certifications

Minimum

Bachelors degree in Computer Science Cybersecurity or a related field .

At least one expertlevel security certification such as Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) or Certified Secure Software Lifecycle Professional (CSSLP).

Preferred

Additional certifications or coursework in application security or advanced threat modeling would be a plus.

Experience

Minimum

At least 2 years of experience in an application security engineering role focusing on secure coding vulnerability assessment and secure development practices.

5 years of experience in IT with significant handson experience in software development and application security.

Preferred

Over 10 years of experience in IT with an extensive focus on application security.

Experience with DevSecOps practices and embedding security within Agile and DevOps environments.

IND2

Join the Kaseya growth rocket ship and see how we are #ChangingLives !

Additional information

Kaseya provides equal employment opportunity to all employees and applicants without regard to race religion age ancestry gender sex sexual orientation national origin citizenship status physical or mental disability veteran status marital status or any other characteristic protected by applicable law.

Required Experience :

Senior IC

Key Skills

Employment Type : Full Time

Experience : years

Vacancy : 1

Application Engineer • Madrid, Madrid, Spain