Application Security Engineer

Some people like building things. Others like breaking them.

You’ve done both - probably on the same day?

A software supply chain company that’s securing and powering how software gets delivered everywhere is seeking an application security engineer. They're AWS-native, automation-heavy, friendly, company.

• 
  
• Embed security from commit to cloud, not just bolt it on at the end.
  
• Architect AWS security controls across distributed, cloud-native systems.
  
• Lead threat modeling, security reviews, and pen tests, sit in on architecture meetings to see off problems before they exist.
  
• Build and automate security tooling and monitoring with CircleCI, GitHub Actions, DataDog, AWS Security Hub, and more.
  
• Harden everything in sight
  
• Review code, and evangelise secure code across the engineering teams.
  

• 
  
• Ideally, you started in software engineering (with Python as a primary language).
  
• Strong AWS security chops: IAM design, least privilege, encryption, network boundaries, and threat detection.
  
• Experience securing CI/CD pipelines, containers, and infrastructure as code.
  
• Solid grounding in SAST, DAST, and cloud-native security tooling.
  
• You’ve done pen testing and threat modeling, and maybe built your own tools when nothing fit.
  
• Bonus points for supply chain or artifact security experience.
  
• You’ve worked in a startup or scale-up before and know what it’s like to ship fast while keeping things locked down.
  

Remote in Ireland or the UK only. You need to be physically based here. xcfaprz

Work permit sponsorship isn’t available.