Senior Application Security Engineer

As a Senior Application Security Engineer, you'll help shape the future of our AppSec program. You'll work effectively and efficiently in a small, high-impact team, bringing a sense of ownership and community. You'll have the opportunity to learn quickly, provide feedback on long-term improvements, and drive strategic security initiatives across our product portfolio. Tech Stack:

• TypeScript/JavaScript, Python, Ruby, Java, Go
• CI/CD automation tools (SAST, SCA, Secrets Scanning, etc.)
• AI security controls and LLM risk management

What you'll be working on

• Embed security across the development lifecycle, moving from pen-test/documentation-heavy to guardrail-driven programs
• Facilitate lightweight, feature-level threat models and drive risk-based discussions
• Perform hands-on application penetration tests and security-focused source code reviews
• Drive risk rating and vulnerability management processes
• Partner with product, platform, and engineering leads to drive security initiatives
• Lead outcome-focused design review discussions and security trainings
• Provide framework-specific remediation guidance to developers

Do you have experience in Web Application Security Testing?, * 5 - 8+ years in product-focused AppSec, with a track record of embedding security and reducing late-stage findings via automation and developer enablement

• Deep practical knowledge of core security concepts (authN/Z, session management, input/output handling, logging, data protection, access controls)
• Proficient in at least two programming languages (TypeScript/JavaScript, Python, Ruby, Java, Go, etc.)
• Hands-on experience with application penetration testing and code reviews
• Proficient in threat modeling and risk-based analysis
• Strong organizational, time-management, communication, and presentation skills

Pulled from the full job description

• Health insurance
• Retirement plan
• Paid time off
• Internal mobility program, A team where you can voice your opinion, make an impact, and where you and your experience are valued. Internal mobility - there are opportunities for cross training and the ability to attain your next career step within Barracuda.
• Equity, in the form of non-qualifying options
• High-quality health benefits
• Retirement Plan with employer match
• Career-growth opportunities
• Flexible Time Off and Paid Time Off benefits
• Volunteer opportunities

Come join our passionate team! Barracuda is a leading cybersecurity company providing complete protection against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed XDR service, to strengthen cyber resilience. Hundreds of thousands of IT professionals and managed service providers worldwide trust us to protect and support them with solutions that are easy to buy, deploy, and use.