
Senior Application Security Engineer
Há 4 dias
Join to apply for the Senior Application Security Engineer role at Rain
Rain is the fastest-growing earned wage access (EWA) fintech in the U.S., serving 3.5 million employees and backed by top investors like QED and Prosus. We've raised nearly $400M in funding—including the largest Series A in fintech history—and just closed our Series B to fuel our next stage of hypergrowth.
OverviewWe are seeking a skilled and driven Senior Application Security Engineer to join Rain's growing Security team. This role demands a proactive approach to secure software development and cloud-native defense. You will partner closely with engineering and development squads, and work alongside our Cloud Security and GRC team members to improve Rain's application and platform security posture. This position is technically grounded, requiring direct engagement in application-layer matters and security reviews, while also contributing to cloud security automation, awareness initiatives, and secure engineering practices across the SDLC.
Key Responsibilities- Collaborate with development squads to validate vulnerabilities and provide actionable remediation guidance aligned with business risk.
- Drive threat modeling sessions (e.g., STRIDE, PASTA) for critical systems and APIs.
- Design, implement, and oversee automated processes for securely updating application and code dependencies, proactively mitigating issues and ensuring timely vulnerability remediation.
- Integrate security checks into CI/CD pipelines (SAST, DAST, SCA, IaC), working with tools like Semgrep, Snyk, Trivy, and Burp Suite.
- Contribute to runtime security initiatives, such as container/Kubernetes hardening, RASP, and eBPF-based detection.
- Build and maintain a security issues dashboard to track remediation status and metrics.
- Provide real-time support in the event of cybersecurity incidents impacting applications or cloud infrastructure (exploited vulnerability, credential stuffing, web/API attacks).
- Partner with the Cloud Security team on security automation tasks and monitoring improvements (e.g., Security Hub remediation automations, DLP monitoring).
- Conduct proactive research on new threats, vulnerabilities, and attack techniques relevant to Rain's architecture.
- Collaborate with the GRC team to develop and deliver internal security awareness initiatives, phishing campaigns, and developer training (e.g., secure coding, API security).
- Participate in the continuous improvement of AppSec maturity (e.g., aligning with OWASP SAMM, ISO 27001, or SOC 2 frameworks).
- Fluent English, including strong verbal and written skills.
- Strong problem-solving and analytical mindset.
- Excellent communication skills to convey security risks to technical and non-technical stakeholders.
- 3–5+ years of experience in application security, penetration testing roles, and/or secure code development, including work with QA teams.
- Hands-on experience with SAST, DAST, and SCA tools (e.g., Semgrep, Burp, Snyk).
- Deep understanding of web, mobile, and API vulnerabilities (OWASP Top 10, API Top 10, MITRE CWE).
- Proven expertise in performing code reviews or security assessments and writing clear reports.
- Proficiency in at least one backend language (e.g., Go, Python, Node.js) and understanding of React/React Native front-ends.
- Familiarity with secure architecture of microservices, event-driven systems, and REST APIs using OAuth2/OpenID Connect.
- Experience securing CI/CD pipelines and integrating AppSec tooling into SDLC.
- Solid knowledge of containerization and Kubernetes security fundamentals.
- Understanding of cloud security (preferably AWS), including IAM principles, cloud-native service configurations, and network segmentation.
- Comfortable with Agile development methodologies and working within cross-functional squads.
- Software supply chain security (e.g., SBOM, artifact signing).
- Certifications such as OSCP, OSWE, GWAPT, CPTE, or CSSLP.
- AWS, GCP, or Azure Security Specialty certification.
- Familiarity with bug bounty triage and vulnerability management platforms (e.g., DefectDojo).
- Experience implementing RASP or eBPF runtime protection tools.
- Exposure to LLM/AI security considerations and secure code generation practices.
- Familiarity with logging and monitoring tools (e.g., CloudWatch, Datadog, Grafana).
Rain is filled with people with a deeply rooted passion for our mission, who embrace diversity throughout our global team, and grow personally and professionally. We own what we do and let data guide our actions while working quickly and adapting to new challenges every day.
As part of our dedication to the diversity of our workforce, Rain is committed to Equal Employment Opportunity and does not discriminate based on race, religion, color, national origin, ethnicity, gender, sex (including pregnancy), protected veteran status, age, disability, sexual orientation, gender identity, gender expression, or any unlawful criterion existing under applicable federal, state, or local laws. If you need assistance or accommodation due to a disability, you may contact us at ******.
#J-18808-Ljbffr-
Senior Application Security Engineer
3 semanas atrás
Niterói, Rio de Janeiro, Brasil Rain Tempo inteiroJoin to apply for the Senior Application Security Engineer role at Rain Rain is the fastest-growing earned wage access (EWA) fintech in the U.S., serving 3.5 million employees and backed by top investors like QED and Prosus. We've raised nearly $400M in funding—including the largest Series A in fintech history—and just closed our Series B to fuel our...
-
Senior Devops Engineer
Há 4 dias
Niterói, Brasil Findly (Yc S22) Tempo inteiroNo software farms and no part-time jobs at the moment. We build our software in-house.We're looking for a Senior DevOps Engineer with strong product instincts. As an early-stage startup, our projects are broad—so comfort moving across the stack and owning outcomes end-to-end is key. You'll design and run the infrastructure that powers Findly, from CI/CD to...
-
Data Engineer
Há 6 dias
Niterói, Brasil Avenue Code Tempo inteiroRequired Skills & Experience- 6+ years of experience within the field of application/platform engineering or related technical work including business intelligence, analytics.- 4+ years of experience with AWS Senior Cloud Data Engineering, management, maintenance, or architecting, implementing best practices and industry standards.- Experience with data...
-
Devops Engineer
Há 4 dias
Niterói, Brasil The Methodical Group Tempo inteiroJob Title:Lead DevOps EngineerLocation:RemoteExperience Level:10+ yearsAbout the RoleWe are seeking a highly experienced Lead DevOps Engineer to spearhead our cloud infrastructure and DevOps initiatives. In this role, you will lead a small but growing team of engineers and drive the strategic direction of our DevOps practices. The ideal candidate has a...
-
Senior Software Engineer, AI Model serving
4 semanas atrás
Niterói, Rio de Janeiro, Brasil Speechify Tempo inteiroJoin to apply for the Senior Software Engineer, AI Model serving - Niterói, Brazil role at Speechify2 days ago Be among the first 25 applicantsJoin to apply for the Senior Software Engineer, AI Model serving - Niterói, Brazil role at SpeechifyPLEASE APPLY THROUGH THIS LINK: https://job-DO NOT APPLY BELOWMissionThe mission of Speechify is to make sure that...
-
Experienced Recruiter For The Swedish It Industry
2 semanas atrás
Niterói, Brasil Nexer Telescope Tempo inteiroOverviewExperienced Recruiter For The Swedish IT Industry at Nexer Telescope We are looking for a senior headhunter who will help us to find engineers who are ready to embark on an adventure to Sweden. Living standards in Sweden are high, and we need many engineers. Your job will be to find them and inform them about the benefits of living and working in...
-
Experienced Recruiter For The Swedish It Industry
3 semanas atrás
Niterói, Rio de Janeiro, Brasil Nexer Telescope Tempo inteiroOverviewExperienced Recruiter For The Swedish IT Industry at Nexer TelescopeWe are looking for a senior headhunter who will help us to find engineers who are ready to embark on an adventure to Sweden. Living standards in Sweden are high, and we need many engineers. Your job will be to find them and inform them about the benefits of living and working in...
-
Experienced Recruiter For The Swedish It Industry
3 semanas atrás
Niterói, Rio de Janeiro, Brasil Nexer Telescope Tempo inteiroOverview Experienced Recruiter For The Swedish IT Industry at Nexer Telescope We are looking for a senior headhunter who will help us to find engineers who are ready to embark on an adventure to Sweden. Living standards in Sweden are high, and we need many engineers. Your job will be to find them and inform them about the benefits of living and working in...
-
Application Project Manager
2 semanas atrás
Niterói, Brasil Tata Consultancy Services Tempo inteiroCome to one of the biggest IT Services companies in the world!!Here you can transform your career!Why to join TCS?Here at TCS we believe that people make the difference, that's why we live a culture of unlimited learning full of opportunities for improvement and mutual development.The ideal scenario to expand ideas through the right tools, contributing to...
-
Senior Manager
Há 2 dias
Niterói, Rio de Janeiro, Brasil CVS Health Tempo inteiro US$130.295 - US$260.590At CVS Health, we're building a world of health around every consumer and surrounding ourselves with dedicated colleagues who are passionate about transforming health care.As the nation's leading health solutions company, we reach millions of Americans through our local presence, digital channels and more than 300,000 purpose-driven colleagues – caring for...