Application Security Engineer

FloSports leads the way in delivering world-class digital streaming for millions of fans families and athletes in underserved sports. Our digital platform unites casual and dedicated spectators alike offering thrilling live events from around the world with interactive features real-time analytics and powerful broadcast technology. As the essential destination for niche sports content we deliver everything from breaking news and expert commentary to feature films documentaries and multi-episodic series. Weve revolutionized the global sports media industry by building a diverse teamtechnologists and wrestlers creators and cheerleading experts designers and hockey enthusiasts communicators and motorsport fanatics producers and sports fansall united by our passion to serve underrepresented sports communities. Were creating the ultimate destination for our sports and were looking for people like you to join us!

THE ROLE:

At FloSports we believe security should accelerate engineering not slow it down. Were building an Application Security function that partners closely with our developers to ship secure code faster. This isnt about blocking deployments or creating frictionits about enabling engineers to build with confidence.

As an Application Security Engineer youll be the bridge between our Security SRE and Engineering teams. Youll work hands-on with developers to identify vulnerabilities integrate security tooling into our CI/CD pipelines and help engineers understand and fix security issues before they reach production. Youll have a real impact on how we secure our platform for millions of streaming viewers.

This role is ideal for someone early in their AppSec career who has strong technical fundamentals genuine curiosity about security and the communication skills to partner effectively with developers. If youve been a developer who got interested in security or a security practitioner who loves to code youll fit right in.

RESPONSIBILITIES:

Partner with Engineering on Security

• Work directly with development teams to triage explain and remediate security findings

• Conduct lightweight security reviews of code changes architecture decisions and new features

• Be a trusted resource that engineers actually want to consultnot a blocker they work around

Integrate Security into CI/CD

• Manage and optimize our security tooling: AWS Security Hub GitHub security features and Aikido

• Build and maintain automated security checks in our deployment pipelines

• Reduce noise by tuning tools to surface real risks not false positives

Drive Vulnerability Management

• Own the vulnerability lifecycle from discovery through remediation

• Prioritize findings based on actual risk to the business not just CVSS scores

• Track metrics and report on security posture to leadership

Build Security Knowledge Across Engineering

• Create practical secure coding guidelines that developers will actually use

• Run lightweight training sessions and lunch-and-learns on common vulnerability patterns

• Document security patterns and anti-patterns specific to our stack

Grow Our AppSec Practice

• Help establish application security processes as we scale

• Contribute to security architecture decisions for new products and features

• Stay current on emerging threats and bring relevant insights to the team

KNOWLEDGE SKILLS AND ABILITIES:

Technical Foundation

• 2 years of experience in software engineering DevOps or security

• Solid understanding of web application security fundamentals (OWASP Top 10 common vulnerability classes)

• Hands-on experience with at least one programming language (Python JavaScript/ Go or similar)

• Familiarity with CI/CD pipelines and modern development workflows (GitHub Actions Helm etc.)

Security Knowledge

• Understanding of secure coding practices and common vulnerability patterns

• Experience with or strong interest in security tools (SAST DAST SCA or cloud security)

• Familiarity with AWS security services (Security Hub IAM GuardDuty) is a plus

• Knowledge of container security and Kubernetes is a plus

Mindset & Communication

• Genuine curiosity about securityyou enjoy understanding how things break

• Strong communication skillsyou can explain security concepts to developers without being condescending

• Collaborative approachyou see yourself as a partner to engineering not a gatekeeper

• Growth mindsetyoure eager to learn and develop your AppSec expertise

OUR COMMITMENT TO DIVERSITY:

FloSports exists to elevate the communities athletes and sports that have too often been overlooked. That mission starts with our own team. We believe that a diverse inclusive workplaceone where different perspectives are sought out heard and valuedis essential to building a company that can truly serve the full spectrum of sports fans.

We are committed to creating a fair and equitable environment where people from all backgrounds can thrive. To help mitigate bias and expand opportunity FloSports uses a blind recruiting process that supports more objective inclusive hiring decisions. Were intentional in our practices because we believe the best ideas and innovations come from teams that reflect the diversity of the world around us.

OUR BENEFITS:

• Recognized three years in a row as a Top Workplace by the Austin-American Statesman

• Flexibility at work - you can take control of your profession and personal schedule

• All-hands events hosted annually in beautiful Austin Texas

• Annual equity awards for all top performers

• Competitive and comprehensive medical dental and vision plans

• Peace of mind through company-paid short-term disability long-term disability and life insurance

• Generous 401(K) company match vested immediately

• Progressive parental leave policies

• Flexible paid time off

• Hack-a-thons and a full calendar of team-building and social events

• Company donation to youth teams and leagues that our employees coach

• Stocked snack bar catered lunch and breakfast tacos every week

Required Experience:

IC