Application Security Engineer (Remote - Europe)

This position is posted by Jobgether on behalf of a partner company. We are currently looking for an Application Security Engineer in Europe.

This role offers the opportunity to strengthen application security for a fast-growing, innovative platform serving a global audience. You will lead and manage bug bounty programs, perform security testing, and work closely with development and product teams to identify and remediate vulnerabilities. Your contributions will help integrate security into the software development lifecycle, enhance threat detection, and ensure secure, resilient applications. The position blends hands-on security work, collaboration, and mentoring in a fully remote, inclusive environment where autonomy, innovation, and teamwork are highly valued.

• Own and manage bug bounty programs: triage reports, validate findings, and reproduce proofs of concept (PoCs).
• Collaborate with developers and product owners to propose and support remediation of security issues.
• Write or review pull requests to fix security vulnerabilities directly in the codebase.
• Validate results from external penetration tests and integrate them into the development backlog.
• Contribute to threat modeling, secure code reviews, and security design discussions.
• Support the Secure Development Lifecycle (SAST, dependency scanning, and CI/CD security automation).
• Perform lightweight penetration testing of new features and releases when needed.
• Maintain clear documentation to support application security processes.
• Coordinate communication between Security, Development, and Product teams for faster resolution of security tickets.

• Previous experience as a developer in a modern backend or frontend stack.
• Hands-on security experience through bug bounty programs, CTFs, or penetration testing.
• Solid understanding of common application vulnerabilities (e.g., OWASP Top 10, SSRF, IDOR).
• Familiarity with SAST/DAST tools such as SonarQube and Snyk.
• Experience collaborating with developers and product teams.
• Strong problem-solving and communication skills with a "find and fix" mindset.

• Experience creating or merging pull requests for security fixes in production code.
• Knowledge of secure coding practices in web and API development.
• Familiarity with CI/CD and DevOps tools (e.g., Jenkins, GitLab CI, Terraform, Helm).
• Exposure to WAFs, anti-bot solutions, or related application security defenses.
• Interest in contributing to security automation and developer enablement.

• Remote-first work with flexibility to thrive anywhere in Europe.
• International, diverse team with inclusive culture.
• Generous paid time off to ensure work-life balance.
• Health insurance fully covered.
• Work-from-home and co-working space budgets to optimize your setup.
• Learning and development budget to enhance your skills.
• Mental health care initiatives to support well-being.
• In-person team gatherings and social events to foster community.
• Opportunities for career growth in a fast-growing startup environment.