CrawlJobs Logo

Senior Application & Product Security Engineer

babbel.com Logo

Babbel

Location Icon

Location:
Germany , Berlin

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are seeking a Senior Application Security Engineer to build and drive our application and product security program from the ground up. As a software development company specializing in language learning, our platform is central to our business, and securing it is critical to maintaining user trust, product reliability, and operational resilience. This is the first dedicated application security position in the organization. You'll have the opportunity to shape how we approach security across our products and platform from day one. Reporting to the Director of Information Security and internal IT, you will have the ownership and visibility to build a program that scales with the company.

Job Responsibility:

  • Build, maintain, and continuously evolve the application and product security program
  • Partner with engineering, product, and platform teams to embed security into the development lifecycle, improve our cloud security posture, and identify risks early with pragmatic solutions
  • Lead threat modeling throughout the development lifecycle to identify and mitigate risks in new features, architectural changes, and existing systems
  • Define and implement secure coding standards, conduct and guide secure code reviews, deliver developer training and best practices
  • Design and manage security automation across the SDLC, including automated scanning, security gates in CI/CD pipelines, policy-as-code enforcement, and software supply chain security
  • Own the vulnerability lifecycle, detection, triage, prioritization, and remediation, while monitoring emerging threats and industry trends relevant to our technology stack
  • Lead application-layer incident response when security issues arise
  • Drive secure AI adoption across the organization by working closely with engineering teams to establish a framework for the responsible and secure use of AI deployments, AI agents, and MCP servers, ensuring security keeps pace with evolving AI capabilities and integrations

Requirements:

  • Strong experience in application security, product security, or software security engineering roles
  • Solid understanding of modern software development practices, cloud-native architectures (APIs, containers, serverless), and cloud platforms (e.g., AWS, GCP, Azure)
  • Hands-on experience with secure coding principles, common vulnerability classes (e.g., OWASP Top 10), and secure code reviews
  • Proficiency with security tooling across the SDLC
  • SAST, DAST, SCA, CSPM, secrets scanning, and CI/CD security automation
  • Experience performing threat modeling and delivering actionable recommendations
  • Familiarity with securing AI/ML systems, LLM integrations, or agentic AI architectures
  • Strong communication skills with the ability to partner with engineers, contribute to architectural discussions, and explain security concepts to non-technical stakeholders

Nice to have:

  • Background as a software engineer or developer
  • Experience with Infrastructure as Code (e.g., Terraform) and CI/CD automation (e.g., GitHub Actions)
  • Experience in a product-led or agile development environment
  • Knowledge of regulatory or certification frameworks (e.g., ISO 27001)
What we offer:
  • 30 vacation days
  • Family and life situation counseling
  • Flexible working hours
  • Jobbatical (up to 3 months working inside the EU and the UK)
  • Fully equipped office with nap, faith and family rooms
  • Internal learning opportunities
  • Yearly learning & development budget for external training
  • Full access to Babbel to learn languages for free
  • Mobility benefits options
  • Discounted Urban Sports Club membership
  • Part of DE&I Community Networks
  • Attend cultural and regular social events

Additional Information:

Job Posted:
March 19, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Babbel - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Senior Application & Product Security Engineer

Senior Security GRC Engineer

The Senior Security GRC Engineer at Atlassian will be instrumental in implementi...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5-7+ years experience in a similar role, preferably in a large-scale SaaS/Product environment
  • Expertise and experience working in security-focused roles
  • Experience with application security, especially web applications
  • Experience in cloud security architecture and infrastructure
  • Experience providing SME knowledge and guidance to stakeholders and engineering functions
  • Experience working with internal/external audit and leadership teams
  • Solid knowledge of cybersecurity principles, risk management strategies, and IT governance frameworks
  • Strong communication and interpersonal skills, with the ability to interact with stakeholders at all levels and explain complex security concepts in an understandable way
  • Relevant certifications such as CISSP, CISM, or CRISC would be beneficial
  • Scripting experience to automate recurring tasks (JQL, SQL, Python, Go)
Job Responsibility
Job Responsibility
  • Deliver technical expertise and innovation, providing security guidance to teams and promoting the adoption of industry-leading methodologies to build secure products by default
  • Drive technical solutions in security and risk management
  • Leverage data analytics and visualization, deriving actionable insights from security governance, risk, and compliance data
  • Promote automation and tooling, encouraging the use of the latest security tools to enhance product security processes
  • Proactively identify and mitigate risks, recognizing potential security threats or compliance concerns specific to product security
  • Collaborate with product security teams, implementing security controls and best practices
  • Regularly evaluate and report, assessing the effectiveness of security controls
  • Influence and align stakeholders, working with security engineers and stakeholders to drive alignment on security initiatives
  • Stay informed on regulatory awareness and compliance, keeping up with the latest developments in legislative, regulatory, and industry security requirements
What we offer
What we offer
  • health coverage
  • paid volunteer days
  • wellness resources
  • Fulltime
Read More
Arrow Right

Senior Product Security Engineer

The Product Security team is responsible for making sure Atlassian products and ...
Location
Location
United States , San Francisco; Austin; Seattle; New York
Salary
Salary:
158100.00 - 253900.00 USD / Year
https://www.atlassian.com Logo
Atlassian
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years demonstrated expertise and experience working in security-focused roles
  • Experience with application security, especially web applications
  • Experience in cloud security architecture and infrastructure
  • Experience coding in Java, Python, or Go, and at least one scripting language
  • An ability to reason about security decisions
  • Experience leading projects from start to finish and mentoring other security practitioners
  • An ability to communicate ideas clearly and effectively to engineers who know way more than you about their code
Job Responsibility
Job Responsibility
  • Improve our vulnerability management program
  • Review our products' security posture
  • Define security best practices
  • Empower engineering teams to build secure software by default
What we offer
What we offer
  • Health coverage
  • Paid volunteer days
  • Wellness resources
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

PagerDuty is seeking a Senior Security Engineer to join our diverse, customer-fo...
Location
Location
Canada , Toronto
Salary
Salary:
137000.00 - 207000.00 CAD / Year
https://www.pagerduty.com Logo
PagerDuty
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proficiency with Application & Product Security typically associated with 4 - 5 years of experience in a Security Engineering role working with a cloud-native, microservices environment, preferably AWS
  • Familiarity with cloud-native product technologies including: Vulnerability detection via multiple approaches including SAST, DAST, SCA, and runtime (e.g., Qualys/Nessus, Wiz, Snyk, GHAS, Semgrep, etc.)
  • CI/CD technologies and integrations (e.g., CircleCI, Buildkite, Helm, Terraform, Chef)
  • Product security event logging standards and analysis tools (e.g., SIEM such as: SumoLogic, LogRythm, or Splunk, etc.)
  • Security Incident Response & Risk Management processes and tools
  • Proficiency in at least one programming language and framework (e.g. Python, Bash, Phoenix/Elixir, Java, Ruby on Rails), typically associated with 3 - 4 years of experience with the language/framework
  • Have exceptional written, oral communication, and interpersonal skills
  • Organizational skills with the ability to successfully manage multiple priorities and deadlines
Job Responsibility
Job Responsibility
  • Embrace the role of hands-on technical lead in defining product security standards and guiding platform protections
  • Establish criteria and conduct comprehensive security reviews throughout all stages of product development to identify and address security risks
  • Perform regular threat assessments, coordinate with third-party testers for penetration testing, and conduct internal penetration testing to identify and mitigate security risks
  • Mentor and guide team members to ensure product and business objectives are prioritized in project implementations, fostering a strong documentation culture with project charters and design documents
  • Work with loosely defined requirements where you exercise your analytical skills to clarify questions, share your approach, and collaborate with the team to design and implement effective security frameworks. Maintain a strong appetite for challenging problems with a high degree of ownership
  • Participate in the team’s On-Call rotation, triaging and addressing security issues as they arise, and implement measures to prevent future occurrences
  • Enable service team security implementations by developing security-as-code constructs, including infrastructure-as-code (IaC) modules, libraries and frontend components, while creating and maintaining developer-focused documentation to promote easy adoption
  • Establish and uphold baseline standards and hardened configurations for platform components
  • Continuously enhance security frameworks by focusing on product security standards and software supply chain protections, tailored for application security in cloud-native, microservices environments
What we offer
What we offer
  • Competitive salary
  • Comprehensive benefits package from day one
  • Flexible work arrangements
  • Company equity
  • ESPP (Employee Stock Purchase Program)
  • Retirement or pension plan
  • Generous paid vacation time
  • Paid holidays and sick leave
  • Dutonian Wellness Days & HibernationDuty - companywide paid days off in addition to PTO
  • Paid parental leave: 22 weeks for pregnant parent, 12 weeks for non-pregnant parent (some countries have longer leave standards and we comply with local laws)
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

This role involves embedding security into software delivery pipelines, designin...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–8+ years of experience in Application Security, Product Security, or Secure Software Development
  • hands-on experience securing software delivery pipelines (CI/CD) and source code repositories (GitHub, GitLab, Jenkins)
  • knowledge of supply chain security frameworks and controls (e.g., SLSA, NIST SSDF)
  • familiarity with secrets management, artifact signing (Sigstore, Cosign), and build integrity practices
  • hands-on experience with WAF tuning, API security controls, and vulnerability remediation
  • proficiency with one or more programming languages (Python, Java, Go, JavaScript/Node.js)
  • experience with SAST, DAST, SCA, and container image scanning tools
  • cloud security experience with AWS, Azure, or GCP
  • deep understanding of OWASP Top 10 (Web + API), CWE, and secure coding practices
Job Responsibility
Job Responsibility
  • secure SDLC & DevSecOps integration
  • design and implement security controls for build and release pipelines (GitHub Actions, Jenkins, GitLab, Azure DevOps)
  • ensure code integrity via signing, artifact scanning, and build provenance
  • automate SAST, DAST, SCA, and container image scanning as part of the software delivery pipeline
  • identify and remediate misconfigurations in pipeline environments and access control
  • design, implement, and monitor WAF rules and API protections
  • perform API risk assessments
  • champion secure design patterns
  • conduct secure code reviews and support automation of testing pipelines
  • triage, prioritize, and track security issues identified in code, pipelines, and deployed environments
What we offer
What we offer
  • comprehensive suite of benefits that supports physical, financial and emotional wellbeing
  • programs catered to helping you reach career goals
  • inclusive work environment
  • Fulltime
Read More
Arrow Right

Senior AI Security Engineer

Senior AI Security Engineer role in Citi's Application, Platform and Engineering...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Production system builder with security focus - proven track record of architecting and building secure, large-scale production applications and business-facing platforms from the ground up
  • Ethical hacking and penetration testing expertise - hands-on experience finding and exploiting vulnerabilities, conducting red team exercises
  • State-of-the-art security engineering with Go, Python, JavaScript
  • HashiCorp Vault mastery - deep experience writing custom plugins, creating secrets engines, implementing dynamic credentials
  • Enterprise authentication & authorization - designing and implementing OAuth, JWT, RBAC, and complex identity systems
  • API security and threat modelling - securing REST/GraphQL APIs, conducting threat assessments
  • AI/ML security and vulnerability research - understanding of LLM vulnerabilities, model security, prompt injection attacks
  • Security automation and tooling – automating manual security processes
  • Cloud-native security - securing containerized applications in Kubernetes, service mesh security
  • Incident response and forensics - experience investigating, analyzing, and responding to security incidents
Job Responsibility
Job Responsibility
  • Build secure AI products from 0-1 - Engineer production-grade, business-facing AI platforms with security built-in from day one
  • Conduct ethical hacking and red team activities - penetration testing, vulnerability research, and attack simulation
  • Design and build security tools and frameworks - Create automated security solutions that scale across fast-paced development cycles
  • Secure novel AI attack surfaces - Identify and mitigate LLM-specific vulnerabilities, prompt injection attacks, and AI model security risks
  • Lead 'shift left' security - Embed security practices throughout rapid development lifecycle while maintaining velocity
  • Mentor security practices - Guide other engineers on secure coding, vulnerability remediation, and security-first thinking
What we offer
What we offer
  • 27 days annual leave (plus bank holidays)
  • Discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Hybrid working model (up to 2 days working at home per week)
  • Competitive base salary (annually reviewed)
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

As a Senior Security Engineer, you will play a crucial role in safeguarding Dash...
Location
Location
France , Paris
Salary
Salary:
Not provided
dashlane.com Logo
Dashlane
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Familiarity with application security best practices, including threat modeling
  • Experience operating within an SDLC program
  • An understanding of CI/CD pipelines and their security implications
  • Familiarity in Identity and Access Management (IAM) frameworks and protocols (Passkeys, SAML, OAuth, SCIM, etc)
  • Interest in enabling secure use of AI tools to drive efficiency, creativity, and impact internally
  • Communication & Collaboration: You engage and listen empathetically to others, adjusting your communication style to fit the audience and message.
  • Mentoring: You enjoy using your knowledge and experience to support and uplevel those around you.
  • Motivated Learner: You learn new technologies and processes quickly, and understand where to look for knowledge when you need it.
  • Adaptability: You are a jack or jane of all trades - you’re comfortable digging into non-technical parts of the business to provide security support and guidance.
Job Responsibility
Job Responsibility
  • Help drive the continuous improvement of Dashlane’s security program across the product and company
  • Assist with architecture design reviews, threat modeling, and technical security assessments of Dashlane’s product (application and infrastructure) to identify security risks and provide mitigation guidance
  • Ensure security best practices are integrated throughout the software development lifecycle (SDLC)
  • Build upon and scale Vulnerability Management to ensure the team can track, analyze, and manage vulnerabilities and their remediation
  • Perform risk assessments of Dashlane’s internal systems, environments, assets, and data, and implement security best practices accordingly
  • Participate in Compliance and Incident Response activities
What we offer
What we offer
  • Flex Benefits - monthly amount to be allocated to a pool of benefits of your choice.
  • Health insurance covered by Dashlane.
  • Extended time off and well-being days - add 5 days to you vacation quota, plus your birthday day off, and 4 extra days (one per quarter) to acknowledge the importance of your wellbeing.
  • Equal Parental leave - regardless of gender, up to 20 weeks fully paid leave to take care of their new baby, within the first year of birth or adoption.
  • Mentorship program - select your mentor from our internal pool and continue your learning path!
  • Flexible working hours - depending on the role, determine a schedule that fits your need, in alignment with your manager.
  • Donation matching program - give back to the community and support actions that lead to positive social impact under the historically marginalized communities. Every donation will be matched by Dashlane.
  • Mental health services through Spring Health for you and for you and family members.
  • Team buildings & seasonal social events.
  • Weekly lunch in the office and monthly happy hour and much more.
  • Fulltime
Read More
Arrow Right

Senior Frontend Engineer (Application Security)

At Easygo, our DevSecOps team is at the heart of our engineering, security and o...
Location
Location
Australia , Melbourne
Salary
Salary:
Not provided
easygo.io Logo
Easygo Gaming
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's/Master's degree in Computer Science or equivalent practical experience
  • 7+ years of hands-on experience in software engineering, with a primary focus on security engineering
  • Strong understanding of code architecture and design principles
  • Excellent problem-solving skills and the ability to thrive in a fast-paced, dynamic environment
  • Strong communication skills for effective collaboration with teams and stakeholders
  • Analytical mindset to address complex technical challenges and devise innovative solutions
  • Positive attitude and eagerness to learn new technologies to grow as a security engineer
Job Responsibility
Job Responsibility
  • Lead by example, and drive the adoption of secure software development lifecycle (SSDLC) practices. This includes performing threat modelling, providing secure coding guidance to development teams, and embedding security requirements early in the design phase
  • Own, improve, execute and manage various security tests, including SAST, DAST, and SCA, to identify vulnerabilities. Analyse test results and prioritise findings. Fix what you find, and work with developers to ensure timely remediation
  • Implement and maintain automated security controls within the CI/CD pipeline. This involves integrating security tools to enable continuous security testing and monitoring, making security an integral part of the DevSecOps process
  • Deploy and configure Web Application Firewalls (WAFs) and Runtime Application Self-Protection (RASP) solutions to protect from real-time attacks. Respond to urgent application security incidents as needed
  • Take ownership of the platform vulnerability management program. This involves tracking, prioritising, and remediation of security flaws found in applications, ensuring all vulnerabilities are addressed and verified
  • Actively engage in hands-on coding, testing, debugging, and troubleshooting to ensure code quality, scalability, and maintainability
  • Write efficient, scalable, and maintainable code, adhering to coding standards and best practices
  • Innovate within the team by pushing for improvements and driving constructive changes to enhance team performance and efficiency
  • Analyse complex problems and provide effective solutions, contributing to team goals and initiatives
  • Lead and independently complete medium-sized projects or initiatives from start to finish
What we offer
What we offer
  • Access to over 9,000 courses across our Learning and Development Platform
  • EAP access for you and your family
  • Be rewarded with lucrative annual bonuses
  • Give back with a paid volunteer day
  • Fuel your day with daily breakfast and open pantries brimming with unlimited snacks and refreshments, all on the house
  • Break up the week with on site remedial massage Wednesdays
  • In house full-time barista’s providing you your daily coffee needs
  • Weekly team lunches and happy hour in the office from 4pm on Fridays
  • Enjoy a bustling office with the option for up to 2 days work from home per week
  • Fun office environment with pool tables, table tennis and all your favourite gaming consoles
  • Fulltime
Read More
Arrow Right

Senior Software Engineer, Product Engineering

Everlaw is looking for a Senior Software Engineer with experience building and s...
Location
Location
United States , Oakland
Salary
Salary:
164000.00 - 239000.00 USD / Year
everlaw.com Logo
Everlaw
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS or MS in Computer Science, or equivalent coursework
  • Experience and proficiency in coding in a language such as C, C++, C#, Java, Python, Javascript, Go or Rust
  • Good knowledge of algorithms and fundamental computer science concepts, relational databases, API design, and building user interfaces
  • At least 5 years of experience building distributed systems in the cloud with service based architecture, using frontend frameworks to create rich, deep, web applications, and experience with the best practices to test, maintain, and launch cloud based software
  • At least 1 year of experience leading or coordinating multi-developer efforts, including planning and technical breakdown
Job Responsibility
Job Responsibility
  • Build customer-facing features that represent the core of our product, including document and image/multi-modal processing, collaborative review tools, organization, translation tools, search, review, and more
  • Use AI technologies to find the evidence rapidly such as document classification, predictive coding, transfer learning and LLMs
  • Collaborate with one or more of the Product, Design, Engineering Operations, Security Engineering, and DevOps teams to build out and implement new features that are used in our production environments
  • Help with scaling our system to larger datasets with hundreds of millions of documents
  • Provide Technical Mentorship to other engineers by both sharing your technical knowledge and becoming an expert in an area of our code base
  • Be a Code Reviewer by reviewing code developed by others using your knowledge of programming languages, design patterns, and best practices
  • Fix defects in our product by triaging product or system issues and writing code to debug, track and resolve these issues
  • Provide on-call support for the product by answering questions from customers, triaging defects and exceptions, and carrying the pager
  • Contribute to documentation for internal engineering consumption or for external the Everlaw platform
  • Do technical interviews to help us recruit engineers and grow the team
What we offer
What we offer
  • Equity program
  • 401(k) retirement plan with company matching
  • Health, dental, and vision
  • Flexible Spending Accounts for health and dependent care expenses
  • Paid parental leave and approximately 10 days (80 hours) per year of sick leave
  • Seventeen paid vacation days plus 11 federal holidays
  • Membership to Modern Health to help employees prioritize mental health and wellness
  • Annual allocation for Learning & Development opportunities and applicable professional membership dues
  • Company-sponsored life and disability insurance
  • Work in Downtown Oakland, just steps from the BART line and dozens of restaurants
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy