HimalayasHimalayas logo
CO

Application Security Research Engineer

CommIT
Spain only

Stay safe on Himalayas

Never send money to companies. Jobs on Himalayas will never require payment from applicants.

Description

Company is seeking an Application Security Research Engineer. In this role, you will lead a team of researchers and ethical hackers focused on offensive security testing, automated exploit discovery, and advanced application security research. Your work will directly influence the security posture of company products and help scale secure-by-design principles. This is a hands-on technical role with a strong emphasis on offensive security, code exploitation, automation, and innovation.

What You will Do:

  • Build and lead a team of security researchers and penetration testers.
  • Help to reshape company Product Security
  • Plan and execute advanced penetration testing campaigns.
  • Develop tools and frameworks for scalable security testing and fuzzing.
  • Lead Security innovation by building and managing penetration testing tools \ AI Agents
  • Analyze vulnerabilities, perform root cause analysis, and develop proofs of concept.
  • Identify systemic product weaknesses and help define long-term mitigations.
  • Collaborate with engineering teams to reproduce, triage, and fix vulnerabilities.
  • Contribute to security research publications, CVE submissions, and industry knowledge sharing.
  • Continuously evolve internal testing capabilities using modern tooling and AI-assisted approaches.

Requirements

Requirements:

  • Proven 2+ years of experience in leading application security research Teams (SAAS or software company).
  • 7+ year experience in Research and penetration testing.
  • Strong coding skills and deep technical understanding of web, API, cloud-native, and backend technologies.
  • AI and LLM Penetration testing knowldge and Experience
  • Experience with penetration testing tools (Burp Suite, Metasploit, etc.) and Custom Security Tools development.
  • Familiarity with modern architectures (e.g., Cloud, microservices, containers, Kubernetes).
  • Familiarity with secure software architecture and typical attack vectors.
  • Demonstrated ability to lead security testing engagements and report technical findings effectively.
  • Experience building or integrating automated PT or fuzzing pipelines is a strong advantage.
  • Knowledge and hands-on experience with SSDLC tools and CI/CD pipelines,
  • Publications or open-source contributions in the security domain are a plus.

About the job

Apply before

Posted on

Job type

Full Time

Experience level

Senior

Experience

7 years minimum

Location requirements

Spain

Hiring timezones

Spain +/- 0 hours

Job categories

Application Security ResearchPenetration TestingOffensive SecuritySecurity EngineeringSecurity Research

Skills

Offensive Security Tool DevelopmentPenetration TestingAI AgentsLLM Security TestingBurp suiteMetasploitR&D For Security ToolsKubernetesCI CD PipelinesSSDLCWeb SecurityAPI SecurityMicroservicesRoot Cause

Browse similar jobs

Remote Senior Application-Security-Research JobsRemote Full Time Application-Security-Research JobsRemote Senior Application-Security-Research Jobs in SpainRemote Full Time Jobs in SpainRemote Application-Security-Research Jobs in Spain
Claim this profileCO

CommIT

View company profile

Similar remote jobs

Here are other jobs you might want to apply for.

View all remote jobs

39 remote jobs at CommIT

Explore the variety of open remote roles at CommIT, offering flexible work options across multiple disciplines and skill levels.

View all jobs at CommIT

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan