HimalayasHimalayas logo
ReviztoRE

Senior Application Security Engineer

Revizto
Germany only

Stay safe on Himalayas

Never send money to companies. Jobs on Himalayas will never require payment from applicants.

About the Opportunity

We are looking for a Senior Application Security Engineer to join our security team. You will play a key role in advancing and maturing our application security program by establishing secure development standards and embedding security throughout the entire software development lifecycle (SDLC). You will work closely with development, DevOps, and DevSecOps teams to ensure security is integrated from the outset, enabling the delivery of resilient and secure applications.

This position is fully-remote and requires to be permanently residing and authorized to work in Germany, France or United Kingdom.

Where You Will Make a Difference

  • Playing with and setting up tools like SAST, DAST, IAST, and RASP
  • Managing vulnerabilities (keeping stuff patched and secure)
  • Checking open-source code for security issues (OSA / SCA)
  • Doing and improving code security reviews
  • Hardening API security (REST, GraphQL)
  • Doing threat modeling (STRIDE, PASTA, etc.) for new features
  • Launching and running the bug bounty program!
  • Building a "Security Champions" program across the engineering teams
  • Working with external teams on penetration tests
  • Sharing your security knowledge with everyone

Who You Are

  • Min. 5 years in AppSec or a similar security role
  • Hands-on with SAST/DAST/IAST/RASP tools—especially Snyk and/or Acunetix
  • Real-world experience with vulnerability management and threat modeling. (STRIDE, PASTA)
  • Experience launching or managing a bug bounty program
  • Experience with pentesting or working closely with pentest teams
  • Know your stuff when it comes to OWASP standards (ASVS, WSTG, etc.) and SSDLC principles
  • Good at API security (REST, GraphQL)
  • Can read and understand code in: PHP, JS, Go, C#, and C++ (especially Unity for desktop/mobile)
  • Broad knowledge across application and infrastructure security

Nice to Have

  • Security certs like OSCP, GWEB, CSSLP
  • Experience with Unity / game engine security
  • Familiar with cloud security (AWS, AliCloud)
  • Know how to put security checks into CI/CD pipelines (GitHub Actions)
  • Experience building a Security Champions program

Why Join Us

  • Awarded Best Managed Company of Switzerlandby Deloitte in 2024 and 2025
  • Bi-Annual Company Wide Trips (2023 Armenia 2025 Switzerland and more to come!)
  • Fully Remote Work from either Germany, UK or France
  • High Flexibility
  • Employee-Focused Culture
  • Innovative and Collaborative Team
  • Great Working Conditions

About the job

Apply before

Posted on

Job type

Full Time

Experience level

Senior

Experience

5 years minimum

Location requirements

Germany

Hiring timezones

Germany +/- 0 hours

Job categories

Application SecuritySecurity EngineeringDevSecOpsIT SecurityVulnerability Management

Skills

Application SecuritySASTDASTIASTRASPSnykAcunetixThreat ModelingSTRIDE ModelPASTABug BountyPenetration TestingOWASPSSDLCAPI SecurityGitHubGitHub ActionsGraphQLMakePHPRemote Remote

Browse similar jobs

Remote Senior Application-Security JobsRemote Full Time Application-Security JobsRemote Senior Application-Security Jobs in GermanyRemote Full Time Jobs in GermanyRemote Application-Security Jobs in Germany
Claim this profileRevizto logoRE

Revizto

View company profile

Similar remote jobs

Here are other jobs you might want to apply for.

View all remote jobs

5 remote jobs at Revizto

Explore the variety of open remote roles at Revizto, offering flexible work options across multiple disciplines and skill levels.

View all jobs at Revizto

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan