Application Security Engineer | Product Security (Remote, Latam)
Orienta
- Buenos Aires
- Permanente
- Tiempo completo
Location 100% Remote - Open to candidates in LATAM region Employment Type Contractor About Our Client A leading cloud-native SaaS company in the Human Capital Management (HCM) space, serving a global customer base across North America, EMEA, and Asia Pacific.
Their award-winning platform enables organizations worldwide to manage their workforce with efficiency, compliance, and confidence.
With a strong mission of making work life better, this company is committed to its employees, customers, partners, and communities globally.
About the Opportunity We are looking for a Application Security Engineer to join their Product Security team.
In this role, you will be a key driver of security across the engineering organization - leading security reviews, shaping architecture decisions, owning high-impact initiatives, and enabling engineering teams to build with security by design.
This is a senior, hands-on individual contributor role with significant influence over the company's overall security posture.
What You Will Do Product Security Reviews: Lead and scale product security reviews across multiple engineering teams and services, including code reviews, threat modeling, and dynamic/static analysis.
Establish patterns and reusable approaches to improve consistency and coverage.
Architecture Design: Serve as a security thought partner for product architects and engineers.
Guide threat modeling efforts, assess technical risk, and champion security best practices throughout the SDLC.
Strategic Initiatives: Own high-impact security projects that shape the future of the client's product security posture - including supply chain security automation, advanced SAST/DAST integrations, and secure development training programs.
Vulnerability Remediation: Leverage available tools to investigate security issues, assess root causes, and design effective remediation strategies.
Partner closely with engineering teams to ensure fixes align with security best practices.
Engineering Enablement: Build frameworks, guidance, and tooling that empower engineering teams to independently build secure systems.
Act as a mentor and subject matter expert across teams.
What You Bring Hands-on experience in application or product security with a strong foundation in software engineering and secure system design.
Technical depth in at least one modern programming language (C#, Java, or Python).
Familiarity with secure CI/CD practices and software supply chain security.
Cloud security expertise in Azure and/or AWS, including IAM, containerization, networking, and native security controls.
Experience defining or scaling application security programs in a cloud-native environment.
Ability to analyze complex distributed and microservices-based systems.
Excellent communication skills — able to articulate risk and trade-offs to both technical and non-technical audiences.
Experience with SAST/DAST tools, Atlassian suite, and pentesting tools such as Burp Suite and sqlmap.
Ability to perform black-box and grey-box testing of web applications and APIs.
Nice to Have Prior experience in a SaaS or cloud-native company.
Contributions to open-source security tools or research.
Certifications: CISSP, CEH, or OSCP.
Buscojobs