Senior Application Security Engineer

At Deimos, we're on a mission to become Africa's number one multi-cloud partner - leading the way in implementation, migration, and modernisation across AWS, Google Cloud, Azure, Huawei, et al. We combine this with bespoke software engineering services and our own homegrown products (Salus, Patrol, and others in incubation) to help businesses transform, scale, and thrive.

We're an Africa-based team passionate about implementing engineering best practices. We leverage the latest technologies, and build globally competitive solutions for our clients. With Deimos being one of the two moons of Mars, we like to refer to ourselves as "Martians", who are on a mission to Mars, together.

Our teams value the ability to learn and adapt to technology changes while appreciating solid foundational design and the craft of software engineering. As such, our teams enjoy working with various clients who have different problems to solve. If this sounds like you, you would be an ideal fit for our environment.

Note: You must be based in one of the countries we currently hire in - in Africa or the UK.

Role Overview

We are seeking a Senior Application Security Engineer to join our engineering team. Security is embedded in everything we do at Deimos. In this role you will shift security left - building tools, libraries, and automated guardrails that empower developers to move fast without compromising security. You will not be a gatekeeper; you will be an enabler, working closely with product and engineering teams to make secure coding the simplest, most efficient option.

What You Will Be Doing

• Defining the security standard for our product-team deployments and applications.
• Integrating and optimising security tools (SAST, SCA, Secret Detection) into developer workflows.
• Working with product teams to architect and build secure frameworks and patterns, reducing their future cognitive load.
• Automating remediation for common security issues across environments.
• Designing and deploying AI/LLM models and tooling for security-focused change reviews.
• Driving developer engagement with security through initiatives like Security Champions programmes, workshops, lunch-and-learns, and the security health score initiative.
• Collaborating with product teams on threat modelling and translating compliance requirements (ISO 27001, SOC 2) into clear technical specs.
• Hardening CI/CD pipelines and ensuring actionable, relevant security checks.
• Working with Security Operations Engineers to automate security incident triage, removing noise to prioritise high-signal alerting.

What You Must Have

• Bachelor's degree in Computer Science or a related Software Engineering field, or equivalent practical experience.
• A minimum of 5 years of experience in Software Engineering or DevOps, with at least 3 of those years specifically focused on application security.
• Strong communication skills to translate technical vulnerabilities into business and engineering impact.
• Experience with cloud security (AWS) and Infrastructure as Code (Terraform/CloudFormation).
• Proficient in architecting and developing secure applications (preferably in Java).
• Proficient in scripting (Python, Bash, Go) for automation of security tasks.
• Deep understanding of CI/CD systems and embedding security checks without slowing delivery.
• Proven ability to independently define security standards, drive adoption across engineering teams, and manage a Security Champions programme.
• Advantageous: AppSec fundamentals (OWASP Top 10, dependency management, OAuth2/OIDC), experience with SonarQube and CrowdStrike.

About You

For us to achieve our ambitious vision together as a team, it is important for our Martians to lead at all levels, be self-starters who take ownership of their work, and continuously push the boundaries of what is possible. You thrive in a collaborative environment, communicate openly, and are energised by solving complex, real-world problems.

Becoming a Martian means

• Comfortably working and learning from a fully remote, culturally diverse team based predominantly in South Africa, Kenya, Nigeria and Ghana.
• Being an open, honest and respectful communicator.
• You enjoy asking questions, identifying areas of improvement and proposing solutions, no matter your job title or whether you have been with us for a day, a month or years!
• You are comfortable taking initiative and operating independently.
• You thrive in a fast paced environment, where change is constant.
• You find it exciting to work with various clients, from different industries, each with a different problem for you and your team to solve.
• Intentionally sharing tech and industry trends that excite you with your peers.
• Seeking continuous feedback and actively taking steps to continuously grow personally and professionally.

Want to know what you get by joining us?

1. Become a member of a team where we value each individual's contribution from day 1 and empower you to make suggestions, get involved and do what you love most!
2. Flexibility and the freedom to work remotely.
3. Work-life balance where you are not expected to work over weekends or after hours.
4. A forward thinking remote company that knows how important it is to stay connected as one team, by providing virtual social platforms for employee engagement.
5. A monthly work from home allowance which you can use to set yourself up to work comfortably from home. Whether that is pens, notebooks, new headphones or work snacks!
6. A MacBook or Windows laptop for you to do your best work on.
7. Become part of a team of exceptionally clever and talented people who like to share their knowledge and learnings.
8. We support your career growth and love to celebrate your successes and advancement!