🏢 Offshore Consulting Shops

AgileEngine is a software development consultancy and IT staffing provider that hires engineers to work on projects for its external clients, rather than as a direct employer for internal product development.

This company was flagged and excluded from default search results. Proceed with caution.

Save Job
Posted 1w ago

Application Security Engineer (Senior) ID71663

@ AgileEngine
Kraków, Malopolskie, Poland
HybridFull Time
Responsibilities:architecting security, deploying tools, reviewing code
Requirements Summary:6+ years software engineering with strong AppSec/DevSecOps focus; proficiency in Python and/or Java; hands-on experience deploying and tuning SAST, DAST, and SCA tools and integrating them into CI/CD pipelines.
Technical Tools Mentioned:Python, Java, SAST, DAST, SCA, CI/CD, LLMs, AI agents
Save
Mark Applied
Hide Job
Report & Hide
Job Description
AgileEngine is an Inc. 5000 company that creates award-winning software for Fortune 500 brands and trailblazing startups across 17+ industries. We rank among the leaders in areas like application development and AI/ML, and our people-first culture has earned us multiple Best Place to Work awards.

WHY JOIN US
If you're looking for a place to grow, make an impact, and work with people who care, we'd love to meet you!

ABOUT THE ROLE
We are looking for a Senior Application Security Engineer to architect and build automated security layers within the SDLC, engineering AI-enabled secure code scanning, hardened baseline automation, and CI/CD security tooling integration across a large-scale financial services program. You will work in Python and Java to deploy and tune SAST, DAST, and SCA tools, provide code-level remediation guidance to development teams, and operate with full autonomy building automated security runbooks. The role requires 6+ years of software engineering experience with a strong AppSec and DevSecOps focus.

WHAT YOU WILL DO
- Engineer and deploy AI-enabled secure code scanning capabilities and Golden Images to drive secure-from-the-start adoption;
- Automate the development of secure coding patterns and integrate them with traditional and Agentic SDLC workflows;
- Architect the integration of continuous security scanning tools (SAST, DAST, SCA) into enterprise CI/CD pipelines, tuning them to eliminate noise;
- Act as a senior technical SME, reading and reviewing complex application code (Java/Python) to provide software engineers with highly specific, code-level remediation guidance.

MUST HAVES
- 6+ years of software engineering experience with a strong subsequent focus on Application Security and DevSecOps;
- Strong coding and architectural proficiency in Python (for security automation and scripting) and/or Java (to confidently read, review, and secure enterprise source code);
- Deep, hands-on expertise deploying and tuning modern application security testing tools (SAST, DAST, SCA) and integrating them into complex CI/CD orchestration ecosystems;
- Fully autonomous execution capability, requiring no daily supervision to map out and build automated security runbooks;
- Upper-intermediate English level.

NICE TO HAVES
- Experience integrating LLMs, AI agents, or automated coding assistants to streamline vulnerability triaging or secure code generation;
- Advanced application threat modeling experience.

PERKS AND BENEFITS
- Professional growth: Mentorship, TechTalks, and personalized growth roadmaps.
- Competitive compensation: USD-based pay with education, fitness, and team activity budgets.
- Exciting projects: Modern solutions with Fortune 500 and top product companies.
- Flextime: Flexible schedule with remote and office options.

Meet Our Recruitment Process
Application → Coding Challenge → Video Interview → Technical Interview or Hiring Manager Interview
Each step helps us understand your skills and overall fit.
If it’s a match, you’ll receive an offer.