CrawlJobs Logo

Appsec Engineer

https://feverup.com/fe Logo

Fever

Location Icon

Location:
Spain , Madrid

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Employment contract

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

This role will focus on preventing and protecting Fever from security threats, vulnerabilities, and weaknesses by proactively testing, implementing, and improving the security of our cloud services, applications, and infrastructure. The AppSec Engineer will work as part of the Cybersecurity team, focusing on defensive security for cloud environments, leveraging advanced technologies to enhance Fever’s security posture in a dynamic and high-growth environment.

Job Responsibility:

  • Manage and improve the vulnerability management process for cloud environments including containers, hosts and applications
  • Conduct regular security assessments to identify vulnerabilities and misconfigurations in the AWS ecosystem
  • Enforce AWS security best practices, including secure configurations, architecture and processes
  • Perform risk assessments based on cloud architecture best practices to provide technical security expertise to stakeholders in implementing secure solutions
  • Develop and deploy automated security solutions to improve vulnerability reporting, tracking and remediation processes
  • Collaborate with DevOps and engineering teams to integrate security best practices into cloud environments
  • Monitor performance of vulnerability management, secure configuration and architecture implementations

Requirements:

  • Hands-on expertise in vulnerability management for cloud environments, containers, and applications
  • Proficiency in scripting for automation and security operations (Python, Go or similar)
  • Strong experience with AWS cloud infrastructure security including configurations, networking, Identities, etc.
  • Deep understanding of cloud security frameworks, best practices and secure architecture principles
  • Ability to analyze security threats and implement proactive defense mechanisms
  • Strong analytical and problem-solving skills
  • Ability to work cross-functionally to drive security initiatives
  • 4+ years of experience in cloud security and/or cybersecurity roles
  • Bachelor or Master’s Degree in Computer Science, Information Security, or another similar relevant degree (or equivalent experience in a technical security role)
  • Fluent in english
  • Good communication skills

Nice to have:

  • Experience with Cloud Native Application Protection Platform (CNAPP) tools and/or centralized vulnerability management operations
  • Familiarity with infrastructure as code (Terraform, CloudFormation, or similar)
  • Experience securing containerized workloads (Docker, Kubernetes, ECR)
  • Experience with Cloud Security Posture Management (CSPM) tools to ensure compliance and security best practices
  • Security certifications (e.g. CISSP, AWS Security or similar)
What we offer:
  • Opportunity to have a real impact in a high-growth global category leader
  • 40% discount on all Fever events and experiences
  • Position based in Madrid, home office friendly
  • Relocation package for international candidates
  • Responsibility from day one and professional and personal growth
  • Great work environment with a young, international team of talented people to work with
  • Health insurance and other benefits such as Flexible remuneration with a 100% tax exemption through Cobee
  • English Lessons
  • Gympass Membership
  • Possibility to receive in advance part of your salary by Payflow
  • Attractive compensation package consisting of base salary and the potential to earn a significant bonus for top performance

Additional Information:

Job Posted:
April 30, 2025

Employment Type:
Fulltime
Work Type:
On-site work
Icon
Fever - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Appsec Engineer

Security Engineer, AppSec and Cloud

The Security Engineer, AppSec and Cloud will be responsible for securing applica...
Location
Location
Salary
Salary:
Not provided
aciinfotech.com Logo
ACI Infotech
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in application or cloud security roles
  • Expertise in SSO, RBAC, and secrets management
  • Strong knowledge of cloud security controls (IAM, KMS, VPC, WAF)
  • Hands-on experience with threat modeling and vulnerability scanning
  • Experience partnering with engineers to implement secure defaults
  • Ability to translate risk into actionable remediations
  • Strong skills in documentation and incident response
Job Responsibility
Job Responsibility
  • Perform security reviews across code, infrastructure, and deployments
  • Implement SAST, DAST, and dependency scanning at scale
  • Harden identity, network, data, and secrets management
  • Define and enforce zero-trust security patterns
  • Conduct threat modeling workshops for critical flows
  • Drive secure SDLC adoption with automated checks
  • Partner with engineering to ensure secure-by-default practices
  • Fulltime
Read More
Arrow Right
New

Senior Engineer, Security

As a Senior Security Engineer you will be a subject matter expert responsible fo...
Location
Location
United States , Boston, MA
Salary
Salary:
Not provided
atscale.com Logo
AtScale
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 6+ years Security Engineering / AppSec experience in high-scale distributed systems
  • Experience securing both cloud and on-prem enterprise software deployments
  • Strong hands-on technical background: code, runtime debugging, containers, K8s, CI/CD
  • Expert level understanding in CVEs, vulnerability management, dependency management, SBOM
  • Experience building/operationalizing threat detection, telemetry, and security logging pipelines
  • Strong SOC 2 execution experience (control implementation + evidence + testable automation)
  • Able to work cross-functionally and influence
Job Responsibility
Job Responsibility
  • Hands-on development and tooling to secure code, containers, runtime, and deployment pipelines
  • Lead CVE remediation efforts and build sustainable CVE automation and gating
  • Implement security telemetry, malware detection, anomaly detection, and secure phone-home supportability for on-prem customers
  • Drive secure coding practices, static/dynamic analysis, threat modeling, and secure SDLC enablement
  • Collaborate with Platform, SRE, DevOps, and QA to harden infra, IAM, and default configurations
  • Participate deeply in code reviews, architecture reviews, and design reviews
  • Lead CrowdStrike SIEM integration efforts, including building custom connectors and data pipelines to enhance visibility, detection coverage, and security monitoring capabilities.
  • Work directly with Sales, Sales Engineering, and customers on security posture, audits, POCs, compliance reviews, and enterprise buyer security questions
  • Own security observability and monitoring, defining logs, metrics, alerts, and dashboards to ensure real-time visibility and rapid threat detection.
  • Manage and coordinate 3rd-party penetration testing engagements, scope definition, evidence delivery, and remediation plans
What we offer
What we offer
  • Competitive compensation, including equity.
  • Flexible, remote-friendly work environment with a strong culture of ownership and trust.
  • Unlimited PTO and competitive benefits.
  • The opportunity to directly shape AtScale’s growth by building the team that powers our next phase.
  • Fulltime
Read More
Arrow Right

Application Security Engineer

At JFrog, we’re ​​running the software that runs the world – and we want you alo...
Location
Location
Israel , Netanya/Tel Aviv
Salary
Salary:
Not provided
jfrog.com Logo
JFrog
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in AppSec And Product Security
  • Deep Knowledge in Application security and Vulnerabilities
  • Strong coding/scripting background (e.g., Python, Go, Java, JavaScript)
  • Hands-on experience with CI/CD pipelines, security tools, and DevSecOps practices
  • Familiarity with modern architectures (e.g., Cloud, microservices, containers, Kubernetes)
  • Understanding of software development processes and secure coding principles
  • Strong communication and collaboration skills
Job Responsibility
Job Responsibility
  • Assist in the development of internal security tools and AI agents
  • Support the design and implementation of SSDLC practices and automated security controls across the CI/CD pipeline
  • Contribute to building and operating scalable vulnerability management frameworks across cloud-native services and SaaS products
  • Integrate security into Agile and DevOps processes, including threat modeling, SAST, DAST, and SCA
  • Develop Internal application security Tools and Automations
  • Partner with development and DevOps teams to embed security early and often
  • Contribute to secure code reviews and assist with remediation strategies
  • Track, triage, and report vulnerabilities across product lines
  • Support the adoption of secure development best practices
Read More
Arrow Right

Senior Application Security Engineer

As an Application Security - Senior Product Security Engineer, you will play a c...
Location
Location
United States
Salary
Salary:
157000.00 - 216000.00 USD / Year
alpha-sense.com Logo
AlphaSense
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Application or Product Security, preferably in a SaaS or cloud-native environment
  • Strong understanding of web app and API security, microservices, and containerized architectures
  • Experience integrating security tooling into modern CI/CD workflows
  • Proficiency with SAST, DAST, IaC scanning, and container security platforms
  • Skilled in secure coding and code review for at least one major language (Python, Java, Go, JavaScript)
  • Familiarity with AWS security, Kubernetes security, and DevSecOps best practices
Job Responsibility
Job Responsibility
  • Lead application security initiatives across all SaaS products and microservices
  • Conduct threat modeling, architecture reviews, and secure code assessments for both backend and frontend systems
  • Implement and manage security automation in CI/CD, integrating SAST, DAST, SCA, and container image scanning tools
  • Collaborate with engineering teams to triage, prioritize, and remediate vulnerabilities across applications and containerized workloads
  • Drive AppSec awareness and training, developing secure coding practices and guidelines
  • Evaluate and deploy container security controls, ensuring images and orchestrators (Kubernetes, ECS, etc.) follow best practices
  • Support bug bounty and vulnerability disclosure programs and coordinate penetration testing
  • Stay ahead of emerging application and container threats, and recommend preventive controls aligned with OWASP and CIS benchmarks
What we offer
What we offer
  • Competitive compensation, benefits, and career growth opportunities
  • Opportunity to shape and drive product security strategy
  • Collaborative and security-minded engineering culture
  • Work on cutting-edge security challenges in a fast-growing company
  • Performance-based bonus
  • Equity
  • Generous benefits program
  • Fulltime
Read More
Arrow Right

Senior Cybersecurity Engineer

As a Senior Cybersecurity Engineer, you will be at the forefront of driving secu...
Location
Location
United States , Bellevue; Overland Park; Frisco; Herndon
Salary
Salary:
103400.00 - 186400.00 USD / Year
https://www.t-mobile.com Logo
T-Mobile
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree Computer Science or Information Technology or equivalent work experience
  • 4-7 years Experience in info security technology or related field
  • Experience with incident handling for Security breaches
  • Expert in security subject areas
  • 2-4 years Technical Project Management
  • Experience with high level design architecture, security technologies, Networking, web services and SOA
  • Understanding of encryption, obfuscation, tokenization technologies
  • Medium to advance knowledge of Scripting tools (Python/Perl/Shell/HTML/PHP)
  • Knowledge of federal & compliance regulations e.g. SOX, PCI & CPNI
  • Familiarity with load balancers (ex – A10, F5), firewalls (ex – CheckPoint), Venafi, MDM (ex - Mobile Iron), Cloud (ex - AWS, Azure), Malware Protection (ex -FireEye), Advanced Persistent Threats (ex - Damballa), Privileged Accounts (ex – CyberArk), SIEM (ex – ArcSight), Log & Event (ex – Splunk), Intrusion IDS/IPS (ex – Symantec) , Cloud Platform (ex – PCF, Docker), Scanning (ex – Qualys), AppSec (ex - Veracode)
Job Responsibility
Job Responsibility
  • Leads security, compliance, and risk assessments on projects throughout project lifecycle
  • Improves process efficiency by creating and implementing creative and sustainable changes to existing deployment methodologies
  • Leads the identification of security needs & recommends plans/resolutions
  • Implements, tests & monitors info security improvements
  • Maintains transparency inside & outside of information security at the People management level
  • Communicate with groups such as application support, engineering ops, finance, privacy, risk management, etc
  • Leads information security policy lifecycle throughout, including intake, creation, review, approval, implementation, publishing, communication & maintenance
  • Implements security projects driven by groups both internal and external to info security
  • Mentors peers and junior team members in security technologies, enterprise solution design and facilitation and effective customer interaction
  • Experience with implementation of various threat modeling approaches pertaining to one or more of the following STRIDE, PASTA, TRIKE, ATTACK TREE, DREAD, KILL CHAIN, CAPEC, Mobile Application threat model, Cyber Threat Tree, and data flow diagram
What we offer
What we offer
  • Competitive base salary and compensation package
  • Annual stock grant
  • Employee stock purchase plan
  • 401(k)
  • Access to free, year-round money coaches
  • Medical, dental and vision insurance
  • Flexible spending account
  • Paid time off
  • Up to 12 paid holidays
  • Paid parental and family leave
  • Fulltime
Read More
Arrow Right
New

Cyber Security Defense Head of Department

The Cyber Security Defense Head of Department (HOD) will lead and mature our org...
Location
Location
United States , Irvine
Salary
Salary:
181240.00 - 259160.00 USD / Year
haeaus.com Logo
Hyundai AutoEver America
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15–20 years of progressive experience across the various cyber defense disciplines (SOC, Incident Response, Red/Blue teams, or similar defensive/offensive functions)
  • Proven experience leading cyber defense teams
  • Demonstrated ability to hire, mentor, and lead high-performing technical teams
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science or a related discipline
  • Strong knowledge of threat detection, incident response, adversary tactics (MITRE ATT&CK), vulnerability management, and secure software development
  • Excellent incident management, communication, and executive reporting skills
  • Proficient in English for effective communication and coordination
  • In the absence of IR team members, utilize a flexible work schedule to facilitate the security incident response process for high/critical incidents
Job Responsibility
Job Responsibility
  • Develop and execute the Cyber Defense strategy aligned with organizational goals, customer requirements and the evolving threat landscapes
  • Establish frameworks, processes, and KPIs for SOC, Incident Response, TVM, AppSec, Red/Blue Teaming, and Adversary Simulation
  • Serve as a senior advisor to the CISO and executive leadership on cyber risks, readiness, and emerging threats
  • Oversee 24x7 SOC operations, ensuring effective monitoring, detection, and response to security events, across levels 1-3
  • Drive continuous enhancement of detection engineering, threat hunting, and security analytics
  • Implement best-in-class security tooling, automation, and operational processes
  • Lead internal Red Team and offensive security capabilities, including penetration testing
  • Define testing methodologies, operational rules of engagement, and reporting standards
  • Translate offensive findings into actionable improvements for defensive teams and architecture
  • Oversee the Incident Response program, ensuring rapid and effective handling of security incidents
  • Fulltime
Read More
Arrow Right
New

Principal Engineer, Cybersecurity

The Cybersecurity Principal Engineer will help ensure that our software, systems...
Location
Location
United States , Overland Park; Frisco; Bellevue
Salary
Salary:
127800.00 - 230700.00 USD / Year
https://www.t-mobile.com Logo
T-Mobile
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's Degree, Computer Science, or Information Technology (required)
  • 7-10 years’ Experience with increasing responsibility with security related software and/or business process design (Required)
  • 4-7 years’ Experience with the following: project/team lead, formal implementation SDLC, facilitation of cross-functional solution design teams
  • 4-7 years’ Technical Project Management
  • Previous Leadership experience
  • Be subject matter expert in multiple security subject areas
  • Experience with high level design architecture, security technologies, networking, web services and SOA
  • Subject matter expert in all facets of network & information security, including Firewall policy design, SSL Certificate management, vulnerability analysis & mitigation
  • Significant knowledge of current technological trends and developments in the area of info security
  • Ability to create technical specification and requirements and work independently and with no direction/supervision
Job Responsibility
Job Responsibility
  • Optimizes cross-functional partnership to successfully address customer requirements
  • Leads / organizes large scale analysis efforts spanning multiple departments
  • Leads information security review of new technologies, designs, and remediation planning efforts
  • Collaborates with Engineering & Operations Teams to address security vulnerabilities
  • Proactively identifies process or technology improvements within existing legacy applications or infrastructure and seeks out remediation
  • Investigates and/or leads identifying security needs & recommends plans/resolutions
  • Maintains visibility inside & outside of information security at the Executive (Director/Sr Director) level
  • Significant experience with the analysis of underlying technologies for threat identification, analysis, and thread model design
  • Proactively identifies areas that need to be developed and seeks out expertise in those areas
  • Leads security projects driven by groups both internal and external to info security
What we offer
What we offer
  • Competitive base salary and compensation package
  • Annual stock grant
  • Employee stock purchase plan
  • 401(k)
  • Access to free, year-round money coaches
  • Medical, dental and vision insurance
  • Flexible spending account
  • Employee stock grants
  • Employee stock purchase plan
  • Paid time off
  • Fulltime
Read More
Arrow Right

AppSec & AI Security Architect

Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or Engineering
  • 10+ years of experience in application or product security architecture, preferably in large enterprise or SaaS environments
  • Proven expertise in secure application and API design, cloud-native security, and DevSecOps enablement
  • Proven expertise in secure application and API design, WAAP, and ASPM solutions
  • Strong experience with Kubernetes (K8s), containerization, and service mesh architectures
  • Hands-on experience implementing or governing GitOps pipelines and policy-as-code frameworks (e.g., OPA/Gatekeeper, Kyverno)
  • Knowledge of Zero Trust, data protection, and modern identity standards (OIDC, OAuth2)
  • Familiarity with AI/ML security risks, model governance, and responsible AI adoption
  • Deep knowledge of OWASP ASVS, NIST CSF, ISO 27034, and CIS Controls
  • Desired Certifications: CISSP, CSSLP, SABSA, CCSP, CKA (Certified Kubernetes Administrator), or CCSK.
Job Responsibility
Job Responsibility
  • Defining and maintaining secure application architecture patterns, reference designs, and reusable components across enterprise and cloud-native ecosystems
  • Performing architecture risk assessments and threat modeling for major application programs, APIs, and platforms
  • Leading adoption of Web Application and API Protection (WAAP) controls and Application Security Posture Management (ASPM) tools to enable continuous risk visibility and compliance
  • Embedding security controls in SDLC and CI/CD pipelines, including SAST, DAST, SCA, IaC, and container scanning
  • Designing and governing security for Kubernetes-based and containerized workloads, including service mesh and runtime protection
  • Developing and enforcing standards for API and microservices security, including authentication, authorization, and token lifecycle management (OAuth2, OIDC, mTLS)
  • Establishing secure-by-default configurations for CI/CD and GitOps pipelines (e.g., ArgoCD, Flux, Jenkins, GitHub Actions)
  • Partnering with engineering teams to design secure cloud-native and hybrid architectures across AWS, Azure, and GCP
  • Providing security guidance for applications leveraging AI/ML or LLM capabilities, such as input/output sanitization, model integrity, and data protection
  • Establishing application security KPIs, governance models, and maturity metrics
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion.
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Ireland Jobs Germany Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy