Application Security Engineer
Sumsub is the one verification platform to secure the whole user journey. With Sumsub’s customizable KYC, KYB, transaction monitoring and fraud prevention solutions, you can orchestrate your verification process, welcome more customers worldwide, meet compliance requirements, reduce costs and protect your business.
Sumsub has over 2,000 clients across the fintech, crypto, transportation, trading, e-commerce and gaming industries including Binance, Wirex, Avis, Bybit, Huobi, Unlimit, Flutter, Kaizen Gaming, and TransferGo.
We are looking for an Application Security Engineer to join our rapidly growing team.
What You'll Do:
- Support development teams as they develop new features by conducting design reviews, threat modelling, and code reviews.
- Improve existing SAST/SCA/DAST tooling (rules development, configuration, scan automation).
- Perform internal security testing activities.
- Develop technical solutions and new security tools to mitigate security vulnerabilities.
- Assist in triage for our bug bounty program.
- Stay abreast of emerging security threats and technologies to ensure our defences remain strong and proactive.
About You:
- 3+ years of application security and/or development experience.
- Strong understanding of OWASP Top 10 vulnerabilities and corresponding best practices for mitigation.
- The ability to perform thorough threat modelling of web applications.
- Strong programming/scripting skills (Java, Javascript and/or Python strongly desirable.)
- Strong communication skills.
- Demonstrated strong analytical and problem-solving skills.
Bonus Points:
- Familiarity with AWS, Kubernetes and modern web development tooling.
- Experience of working in a company with strong compliance requirements.
- Professional certifications (CEH, OSCP, etc).
- Active participation in CTF's and BugBounty programs.
What We Offer:
- Competitive compensation in compliance with your professional expertise
- Working with a product that matters. Our technology helps to protect millions of users and many online services worldwide.
- International project. Our team works from offices in Berlin, Limassol, London, and Miami, our customers are spread from Mexico and the USA to Hong Kong, South Korea, and Singapore.
- Remote first company – work from anywhere in the world.
- Paid vacation and sick leave.
Does it sound like a great opportunity for your career development? Then go ahead and apply!
- Department
- Security
- Remote status
- Fully Remote
Application Security Engineer
Loading application form