Security Engineer, AppSec
Share
Job Location:
Monthly Salary:
Posted on:
30+ days ago
Vacancies:
1 Vacancy
Job Summary
About Workato
Workato transforms technology complexity into business opportunity. As the leader in enterprise orchestration Workato helps businesses globally streamline operations by connecting data processes applications and experiences. Its AI-powered platform enables teams to navigate complex workflows in real-time driving efficiency and agility.
Trusted by a community of 400000 global customers Workato empowers organizations of every size to unlock new value and lead in todays fast-changing world. Learn how Workato helps businesses of all sizes achieve more at .
Why join us
Ultimately Workato believes in fostering a flexible trust-oriented culture that empowers everyone to take full ownership of their roles. We are driven by innovation and looking for team players who want to actively build our company.
But we also believe in balancing productivity with self-care. Thats why we offer all of our employees a vibrant and dynamic work environment along with a multitude of benefits they can enjoy inside and outside of their work lives.
If this sounds right up your alley please submit an application. We look forward to getting to know you!
Also feel free to check out why:
Business Insider named us an enterprise startup to bet your career on
Forbes Cloud 100 recognized us as one of the top 100 private cloud companies in the world
Quartz ranked us the #1 best company for remote workers
Responsibilities
Join our Product Security team in Barcelona as a Security Engineer - Embedded AppSec and help secure the future of AI this role you will be deeply integrated with our development teams embedding security throughout the software development lifecycle (SDLC) and ensuring security is built-in while playing a key role in our Agentic AI Transformation.
You will work closely with developers architects and product managers to perform early threat modeling offer actionable security guidance and reduce risk before it ships. If youre passionate about shifting security left enabling engineering teams and influencing product design this is the role for you.
You will play a pivotal role in safeguarding our systems ensuring compliance and advancing our security posture. Key responsibilities include:
Secure SDLC Integration: Embed with engineering teams to ensure security is part of every phase of the development lifecycle from design to deployment.
Threat Modeling & Design Reviews: Conduct early-stage threat modeling and participate in architectural and design reviews to identify and mitigate risks proactively.
Security Enablement: Act as a security champion within product teams by providing training building security knowledge and driving adoption of secure coding practices.
Code & Pipeline Reviews: Perform code reviews with a security lens and provide guidance on CI/CD pipeline security.
Vulnerability Discovery & Triage: Identify and prioritize vulnerabilities using static/dynamic analysis and manual review and work with developers on remediation strategies.
Security Tooling & Automation: Collaborate with the broader ProdSec and DevOps teams to improve tooling and automate security feedback loops.
Cross-Functional Collaboration: Partner with Product SecOps and Platform teams to align security with product goals and agile workflows.
Security Advocacy: Help scale security awareness through documentation workshops and informal coaching embedded in daily engineering practice.
Security Automation: Design and implement automated security tools and processes to improve detection response and compliance efficiency
This role offers the opportunity to secure mission-critical systems deployed globally while working with cutting-edge AI and cloud technologies. If youre looking to make a significant impact on enterprise security this could be perfect for you.
Requirements
Qualifications / Experience / Technical Skills
Bachelors degree in Computer Science Cybersecurity or related technical field
4 years in cybersecurity or software engineering with at least 2 years focused on application or product security
Strong understanding of software development processes and ability to speak the language of engineers
Proficiency in one or more programmingAND scripting languages (e.g. Ruby Java Python JavaScript Bash)
Hands-on experience with vulnerability scanners and security testing tools
Strong knowledge of threat modeling and security architecture reviews
AI/ML security experience including risk assessment and prevention guidelines
Soft Skills / Personal Characteristics
Masters degree in a relevant field
Prior experience as an application or product security engineer in a SaaS or cloud-native environment
Advanced certifications (CISSP OSCP GPEN GCIH GIAC)
Experience with DevSecOps and security automation
Network security and encryption standards expertise
Incident management and response experience
AWS Security Specialty certification or equivalent cloud security certification
Expertise in AWS security services (EKS IAM KMS GuardDuty CloudTrail)
Job Req ID: 2316
Key Skills
- Splunk
- IDS
- Network security
- Computer Networking
- Identity & Access Management
- PKI
- PCI
- NIST Standards
- Security System Experience
- Information Security
- Encryption
- Siem
About Company
A single platform to orchestrate data integration, app connectivity, and process automation across your organization.
