Middle Application Security Engineer

Agileengine, Llc.
Barcelona, Spain
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Barcelona, Spain

Tech stack

Java
Continuous Integration
Secure Coding
Software Engineering
Scripting (Bash/Python/Go/Ruby)
Software Security
Devsecops
Static Application Security Testing
Dynamic Application Security Testing

Job description

engineering and AppSec experience. /p h3WHAT YOU WILL DO /h3 ul liWrite and maintain the scripts necessary to integrate security gates (SAST, DAST, SCA) seamlessly into the CI/CD pipeline; /li liContinuously tune and configure existing security scanning tools to eliminate false positives and deliver high-confidence alerts; /li liAssist in coding and deploying automated hardened baselines and secure coding patterns; /li liWork directly with product development teams to provide actionable, code-level remediation guidance in Java and Python. /li /ul h3MUST HAVES /h3 ul li3-5 years of commercial experience blending software engineering and DevSecOps/AppSec; /li liSolid coding proficiency in bPython /b (for automation/scripting), with the ability to comfortably read and navigate bJava /b source code; /li liWorking knowledge of modern bCI/CD orchestration tools /b and practical experience interacting with vulnerability scoring frameworks; /li, liAbility to operate with minimal supervision on

Requirements

day-to-day execution, reliably completing complex scripting and integration tasks. /li /ul h3NICE TO HAVES /h3 ul liHands-on experience with specific CNAPP or ASPM platforms (e.g., Wiz); /li liBasic understanding of application threat modeling. /li /ul h3PERKS AND BENEFITS /h3 ul libProfessional growth /b: Mentorship, TechTalks, and personalized growth roadmaps. /li libCompetitive compensation /b: USD-based pay with education, fitness, and team activity budgets. /li libExciting projects /b: Modern solutions with Fortune 500 and top product companies. /li libFlextime /b: Flexible schedule with remote and office options. /li /ul /p

About the company

ppAgileEngine is an Inc. 5000 company that creates award-winning software for Fortune 500 brands and trailblazing startups across 17+ industries. We rank among the leaders in areas like application development and AI/ML, and our people-first culture has earned us multiple Best Place to Work awards. /p h3WHY JOIN US /h3 pIf you're looking for a place to grow, make an impact, and work with people who care, we'd love to meet you /p h3ABOUT THE ROLE /h3 pWe are looking for a Middle Application Security Engineer to execute hands-on DevSecOps work across CI/CD pipeline security integration, vulnerability management tooling, and automated hardened baseline deployment within a large-scale financial services security program. You will write Python scripts to integrate SAST, DAST, and SCA gates into CI/CD pipelines, tune scanning tools to reduce false positives, and provide code-level remediation guidance to Java and Python development teams. The role requires 3-5 years of combined software

Apply for this position