Job details

Application Security Engineer - Software

Get a free resume review

About Truelogic

At Truelogic we are a leading provider of nearshore staff augmentation services headquartered in New York. For over two decades, we’ve been delivering top-tier technology solutions to companies of all sizes, from innovative startups to industry leaders, helping them achieve their digital transformation goals.

Our team of 600+ highly skilled tech professionals, based in Latin America, drives digital disruption by partnering with U.S. companies on their most impactful projects. Whether collaborating with Fortune 500 giants or scaling startups, we deliver results that make a difference.

By applying for this position, you’re taking the first step in joining a dynamic team that values your expertise and aspirations. We aim to align your skills with opportunities that foster exceptional career growth and success while contributing to transformative projects that shape the future.

Our Client

Our client is an engineering and research organization that contributes to several types of blockchain protocols. Their mission is to build coordination engines that empower open innovation. This mission has a beginning but no end. They consider themselves players in an infinite sum, infinite horizon game.

Job Summary

As an Application Security Engineer you will play a critical role in ensuring the security of both frontend and backend applications, as well as the software supply chain that supports our client. Your primary responsibility will be to identify, mitigate, and prevent security risks across web interfaces, SDKs, and dependencies. This role demands a proactive approach to embedding security practices throughout the development lifecycle, collaborating closely with engineering teams to fortify applications against potential attacks.

Responsibilities

Conduct comprehensive design reviews, threat modeling, and code reviews for new features and products.
Identify gaps in our software development process and take initiative leading efforts to address them.
Educate and train the engineering teams on secure coding best practices.
Investigate vulnerabilities reported via our bug bounty platform, determining their root cause and severity.
Identify vulnerabilities to enable quick action by the engineering team.

Qualifications and Job Requirements

3+ years of experience building and securing software.
Interest or existing experience in web3.
Strong understanding of web application security, including OWASP Top 10 vulnerabilities.
Familiarity with DevSecOps and CI/CD best practices.
Knowledge of cloud security, including AWS.
Proven experience in security design reviews, threat modeling, or security testing.

What We Offer

100% Remote Work: Enjoy the freedom to work from the location that helps you thrive. All it takes is a laptop and a reliable internet connection.
Highly Competitive USD Pay: Earn an excellent, market-leading compensation in USD, that goes beyond typical market offerings.
Paid Time Off: We value your well-being. Our paid time off policies ensure you have the chance to unwind and recharge when needed.
Work with Autonomy: Enjoy the freedom to manage your time as long as the work gets done. Focus on results, not the clock.
Work with Top American Companies: Grow your expertise working on innovative, high-impact projects with Industry-Leading U.S. Companies.

Why You’ll Like Working Here

A Culture That Values You: We prioritize well-being and work-life balance, offering engagement activities and fostering dynamic teams to ensure you thrive both personally and professionally.
Diverse, Global Network: Connect with over 600 professionals in 25+ countries, expand your network, and collaborate with a multicultural team from Latin America.
Team Up with Skilled Professionals: Join forces with senior talent. All of our team members are seasoned experts, ensuring you're working with the best in your field.

Apply now!

Average salary estimate

$95000 / YEARLY (est.)

min

max

$70000K

$120000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Application Security Engineer - Software, Truelogic

At Truelogic, we are excited to welcome an Application Security Engineer to our team! Based in the vibrant world of tech, you’ll play a crucial role in securing our client’s applications and software supply chains. With a focus on both frontend and backend systems, your expertise will help identify and mitigate potential security risks across various platforms, ensuring that our client’s mission in blockchain innovation continues smoothly. You’ll engage deeply in the development lifecycle by conducting thorough design reviews, threat modeling, and sustainability assessments. Your proactive approach and collaboration with engineering teams will be key in fortifying applications against vulnerabilities. This is not just about technical skills; we value your ability to educate and guide teams in secure coding practices, making you an essential partner in delivering robust and secure software. If you’ve got 3+ years of experience in building secure software and a solid grasp of web application security, particularly the OWASP Top 10 vulnerabilities, you will thrive here. Plus, we offer the perks of a fully remote position, competitive USD pay, and the chance to work on transformative projects with leading U.S. companies. Join us at Truelogic and become part of a diverse team dedicated to innovation and excellence!

Frequently Asked Questions (FAQs) for Application Security Engineer - Software Role at Truelogic

What are the main responsibilities of an Application Security Engineer at Truelogic?

As an Application Security Engineer at Truelogic, your main responsibilities will include conducting design reviews, threat modeling, and code reviews for new features. You'll play a key role in identifying and mitigating security vulnerabilities across various applications while educating engineering teams on secure coding practices.