Senior Application Security Engineer

4 semanas atrás

Sinop, Mato Grosso, Brasil Rain Tempo inteiro
Overview

Senior Application Security Engineer role at Rain. Rain is the fastest-growing earned wage access (EWA) fintech in the U.S., serving millions of employees and backed by top investors. This role focuses on secure software development, cloud-native defense, and collaboration with engineering, Cloud Security, and GRC teams to improve Rain's application and platform security posture.

This position is technically grounded, requiring direct engagement in application-layer matters and security reviews, while contributing to cloud security automation, awareness initiatives, and secure engineering practices across the SDLC.

Responsibilities
  • Collaborate with development squads to validate vulnerabilities and provide actionable remediation guidance aligned with business risk.
  • Drive threat modeling sessions (e.g., STRIDE, PASTA) for critical systems and APIs.
  • Design, implement, and oversee automated processes for securely updating application and code dependencies, mitigat ing issues and ensuring timely vulnerability remediation.
  • Integrate security checks into CI/CD pipelines (SAST, DAST, SCA, IaC) using tools like Semgrep, Snyk, Trivy, and Burp Suite.
  • Contribute to runtime security initiatives (container/Kubernetes hardening, RASP, eBPF-based detection).
  • Build and maintain a security issues dashboard to track remediation status and metrics.
  • Provide real-time support during cybersecurity incidents impacting applications or cloud infrastructure.
  • Partner with the Cloud Security team on security automation tasks and monitoring improvements (e.g., Security Hub automations, DLP monitoring).
  • Conduct proactive research on new threats, vulnerabilities, and attack techniques relevant to Rain's architecture.
  • Collaborate with the GRC team to develop and deliver internal security awareness initiatives, phishing campaigns, and developer training (secure coding, API security).
  • Participate in continuous improvement of AppSec maturity (e.g., alignment with OWASP SAMM, ISO 27001, or SOC 2 frameworks).
Qualifications
  • Fluent English with strong verbal and written skills; excellent communication to convey security risks to technical and non-technical stakeholders.
  • 3–5+ years of experience in application security, penetration testing, and/or secure code development, including work with QA teams.
  • Hands-on experience with SAST, DAST, and SCA tools (e.g., Semgrep, Burp, Snyk).
  • Deep understanding of web, mobile, and API vulnerabilities (OWASP Top 10, API Top 10, MITRE CWE).
  • Proven expertise in code review or security assessments and clear reporting.
  • Proficiency in at least one backend language (e.g., Go, Python, Node.js) and understanding of React/React Native front-ends.
  • Familiarity with secure architecture of microservices, event-driven systems, and REST APIs using OAuth2/OpenID Connect.
  • Experience securing CI/CD pipelines and integrating AppSec tooling into SDLC.
  • Solid knowledge of containerization and Kubernetes security fundamentals.
  • Understanding of cloud security (preferably AWS), including IAM, cloud-native configurations, and network segmentation.
  • Comfortable with Agile development and cross-functional squads.
  • Software supply chain security (e.g., SBOM, artifact signing).
Preferred Qualifications
  • Certifications such as OSCP, OSWE, GWAPT, CPTE, or CSSLP.
  • AWS, GCP, or Azure Security Specialty certification.
  • Familiarity with bug bounty triage and vulnerability management platforms (e.g., DefectDojo).
  • Experience implementing RASP or eBPF runtime protection tools.
  • Exposure to LLM/AI security considerations and secure code generation practices.
  • Familiarity with logging and monitoring tools (e.g., CloudWatch, Datadog, Grafana).
Who We Are

Rain is a diverse, mission-driven team that values inclusion across our global workforce. We rely on data to guide actions and adapt quickly to challenges.

Rain is committed to Equal Employment Opportunity and does not discriminate based on race, religion, color, national origin, ethnicity, gender, sex (including pregnancy), protected veteran status, age, disability, sexual orientation, gender identity, gender expression, or any unlawful criterion under applicable laws. If you need assistance or accommodation due to a disability, you may contact us at ******.

#J-18808-Ljbffr

  • Experienced Recruiter For The Swedish It Industry

    4 semanas atrás

    Sinop, Mato Grosso, Brasil Nexer Telescope Tempo inteiro

    OverviewExperienced Recruiter For The Swedish IT Industry at Nexer Telescope. The role focuses on recruiting software engineers to Sweden, supporting relocation, and coordinating with global teams.ResponsibilitiesIdentify and recruit engineers for Sweden-based roles across software development, R&D, cyber security, automotive, embedded systems,...

  • Analista de Sistemas

    4 semanas atrás

    Sinop, Mato Grosso, Brasil Frialto Tempo inteiro

    Responsabilidades Garantir pleno funcionamento dos sistemas análise em sistemas (identificar erros e pontos de melhorias) realizar o planejamento e execução de projetos prestar suporte e treinamentos a usuários manipulação de banco de dados sql(oracle, sql server, mysql) Requisitos Superior completo em ciência da computação, sistemas de...

  • Analista de Sistemas

    4 semanas atrás

    Sinop, Mato Grosso, Brasil Frialto Tempo inteiro

    ResponsabilidadesGarantir pleno funcionamento dos sistemasanálise em sistemas (identificar erros e pontos de melhorias)realizar o planejamento e execução de projetosprestar suporte e treinamentos a usuáriosmanipulação de banco de dados sql(oracle, sql server, mysql)RequisitosSuperior completo em ciência da computação, sistemas de informação ou...

  • Experienced Recruiter For The Swedish It Industry

    3 semanas atrás

    Sinop, Brasil Nexer Telescope Tempo inteiro

    OverviewExperienced Recruiter For The Swedish IT Industry at Nexer Telescope. The role focuses on recruiting software engineers to Sweden, supporting relocation, and coordinating with global teams. ResponsibilitiesIdentify and recruit engineers for Sweden-based roles across software development, R&D, cyber security, automotive, embedded systems,...

  • Senior frontend engineer | Ux/Ui | Fully remote | B2B

    Há 6 dias

    Sinop, MT, Brasil fullinfo Tempo inteiro

    Fullinfo is looking for a Senior Frontend Engineer who can take ownership of the user interface and bring technical clarity to a fast evolving product. You will design, build and refine a TypeScript based frontend in Angular with heavy UI components. Everything is deployed serverless on Amazon Web Services. This is a fully remote role. We prefer candidates...

  • Mathematics Specialist

    Há 4 dias

    Sinop, Brasil Innodata Inc. Tempo inteiro

    OverviewInnodata (NASDAQ: INOD) is a leading data engineering company with more than 2,000 customers and operations in 13 cities. We are an AI technology solutions provider for major technology companies and leaders across financial services, insurance, technology, law, and medicine. By combining ML/AI technologies, a global workforce of subject matter...

  • Mathematics Specialist

    Há 6 dias

    Sinop, Brasil Innodata Inc. Tempo inteiro

    Overview Innodata (NASDAQ: INOD) is a leading data engineering company with more than 2,000 customers and operations in 13 cities. We are an AI technology solutions provider for major technology companies and leaders across financial services, insurance, technology, law, and medicine. By combining ML/AI technologies, a global workforce of subject matter...

  • Mathematics Specialist

    Há 6 dias

    Sinop, Brasil Innodata Inc. Tempo inteiro

    OverviewInnodata (NASDAQ: INOD) is a leading data engineering company with more than 2,000 customers and operations in 13 cities. We are an AI technology solutions provider for major technology companies and leaders across financial services, insurance, technology, law, and medicine. By combining ML/AI technologies, a global workforce of subject matter...

  • Mathematics Specialist

    Há 5 dias

    Sinop, Brasil Innodata Inc. Tempo inteiro

    OverviewInnodata (NASDAQ: INOD) is a leading data engineering company with more than 2,000 customers and operations in 13 cities.We are an AI technology solutions provider for major technology companies and leaders across financial services, insurance, technology, law, and medicine.By combining ML/AI technologies, a global workforce of subject matter...

  • Mathematics Specialist

    Há 5 dias

    Sinop, Brasil Innodata Inc. Tempo inteiro

    Innodata (NASDAQ: INOD) is a leading data engineering company. With more than 2,000 customers and operations in 13 cities around the world, we are an AI technology solutions provider of choice for 4 out of 5 of the world's biggest technology companies, as well as leading companies across financial services, insurance, technology, law, and medicine. By...

  • Mathematics Specialist

    Há 4 dias

    Sinop, Brasil Innodata Inc. Tempo inteiro

    Innodata (NASDAQ: INOD) is a leading data engineering company. With more than 2,000 customers and operations in 13 cities around the world, we are an AI technology solutions provider of choice for 4 out of 5 of the world's biggest technology companies, as well as leading companies across financial services, insurance, technology, law, and medicine. By...

  • Chemistry Specialist

    Há 3 dias

    Sinop, Brasil Innodata Inc. Tempo inteiro

    Innodata (NASDAQ: INOD) is a leading data engineering company. With more than 2,000 customers and operations in 13 cities around the world, we are an AI technology solutions provider of choice for 4 out of 5 of the world's biggest technology companies, as well as leading companies across financial services, insurance, technology, law, and medicine. By...