TrueML is looking for a Sr. Application Security Engineer to champion security practices within our global technology organization. You will be a critical partner to engineering teams, ensuring the secure design, development, and deployment of our applications.
What You'll Do
- Lead security reviews and threat modeling for new and existing applications.
- Design and implement security controls and best practices within the development lifecycle.
- Conduct application security assessments, including static and dynamic analysis.
- Collaborate with engineering teams to remediate identified security vulnerabilities.
- Develop and deliver security training and guidance for developers.
- Contribute to the development of security tooling and automation.
What We're Looking For
- 5+ years of direct experience in application security, software development, or a related field.
- Deep understanding of web application security vulnerabilities (OWASP Top 10) and their mitigations.
- Experience with security tools for SAST, DAST, and software composition analysis.
- Proficiency in at least one programming language (e.g., Python, Go, Java, JavaScript).
- Strong ability to communicate security risks and solutions to technical and non-technical stakeholders.
- Proven experience integrating security into CI/CD pipelines.
Nice to Have
- Experience in a fast-paced, product-driven SaaS environment.
- Knowledge of cloud security principles (AWS, GCP, or Azure).
- Experience with container and orchestration security (Docker, Kubernetes).
- Relevant security certifications (e.g., GWAPT, GXPN, CSSLP).
Work Mode
This is a global remote position. Candidates must be based in and authorized to work in the USA, Mexico, Argentina, Dominican Republic, or Costa Rica.
TrueML is an equal opportunity employer.
