Senior Application Security Engineer
Há 24 horas
OverviewRain is the fastest-growing earned wage access (EWA) fintech in the U.S., serving 3.5 million employees and backed by top investors like QED and Prosus.
We are seeking a skilled and driven Senior Application Security Engineer to join Rain's growing Security team.
This role requires a proactive approach to secure software development and cloud-native defense.
You will partner closely with engineering and development squads, and work alongside our Cloud Security and GRC team members to improve Rain's application and platform security posture.
This position is technically grounded, requiring direct engagement in application-layer matters and security reviews, while also contributing to cloud security automation, awareness initiatives, and secure engineering practices across the SDLC.Key ResponsibilitiesCollaborate with development squads to validate vulnerabilities and provide actionable remediation guidance aligned with business risk.Drive threat modeling sessions (e.g., STRIDE, PASTA) for critical systems and APIs.Design, implement, and oversee automated processes for securely updating application and code dependencies, proactively mitigating issues and ensuring timely vulnerability remediation.Integrate security checks into CI/CD pipelines (SAST, DAST, SCA, IaC), working with tools like Semgrep, Snyk, Trivy, and Burp Suite.Contribute to runtime security initiatives, such as container/Kubernetes hardening, RASP, and eBPF-based detection.Build and maintain a security issues dashboard to track remediation status and metrics.Provide real-time support in the event of cybersecurity incidents impacting applications or cloud infrastructure (exploited vuln, credential stuffing, web/API attacks).
Partner with the Cloud Security team on security automation tasks and monitoring improvements (e.g., Security Hub remediation automations, DLP monitoring).
Conduct proactive research on new threats, vulnerabilities, and attack techniques relevant to Rain\'s architecture.Collaborate with the GRC team to develop and deliver internal security awareness initiatives, phishing campaigns, and developer training (e.g., secure coding, API security).
Participate in the continuous improvement of AppSec maturity (e.g., aligning with OWASP SAMM, ISO 27001, or SOC 2 frameworks).
Required QualificationsFluent English, including strong verbal and written skills.Strong problem-solving and analytical mindset.Excellent communication skills to convey security risks to technical and non-technical stakeholders.3–5+ years of experience in application security, penetration testing roles, and/or secure code development, including work with QA teams.Hands-on experience with SAST, DAST, and SCA tools (e.g., Semgrep, Burp, Snyk).
Deep understanding of web, mobile, and API vulnerabilities (OWASP Top 10, API Top 10, MITRE CWE).
Proven expertise in performing code review or security assessments and writing clear reports.Proficiency in at least one backend language (e.g., Go, Python, ) and understanding of React/React Native front-ends.Familiarity with secure architecture of microservices, event-driven systems, and REST APIs using OAuth2/OpenID Connect.Experience securing CI/CD pipelines and integrating AppSec tooling into SDLC.Solid knowledge of containerization and Kubernetes security fundamentals.Understanding of cloud security (preferably AWS), including IAM principles, cloud-native service configurations, and network segmentation.Comfortable with Agile development methodologies and working within cross-functional squads.Software supply chain security (e.g., SBOM, artifact signing).
Preferred QualificationsCertifications such as OSCP, OSWE, GWAPT, CPTE, or CSSLP.AWS, GCP, or Azure Security Specialty certification.Familiarity with bug bounty triage and vulnerability management platforms (e.g., DefectDojo).
Experience implementing RASP or eBPF runtime protection tools.Exposure to LLM/AI security considerations and secure code generation practices.Familiarity with logging and monitoring tools (e.g., CloudWatch, Datadog, Grafana).
Who We AreRain is populated by people with a deeply rooted passion for our mission, who embrace diversity throughout our global team, and grow personally and professionally.
We own what we do and let data guide our actions while working quickly and adapting to new challenges every day.
Rain is committed to Equal Employment Opportunity and does not discriminate based on race, religion, color, national origin, ethnicity, gender, sex (including pregnancy), protected veteran status, age, disability, sexual orientation, gender identity, gender expression, or any unlawful criterion under applicable laws.
If you need assistance or accommodation due to a disability, you may contact us at ******.
#J-18808-Ljbffr
-
Senior Javascript
Há 5 dias
Santana de Parnaíba, São Paulo, Brasil Intellias Tempo inteiroDive deep into DigitalFor 20 years Intellias has been developing top-tier digital solutions for the world's leading companies, keeping them in line with the latest technology trends.Join in and provide innovations for the futureWe are looking for a talented Senior JavaScript (Angular) engineer for the our project.As a senior engineer for the Web Team, you...
-
Santana de Parnaíba, São Paulo, Brasil Mastercard Tempo inteiroManager, Direct-to-Corporate, Business Development Join to apply for the Manager, Direct-to-Corporate, Business Development role at Mastercard . Overview The Corporate Solutions business is dedicated to delivering robust B2B payment solutions to Large Market corporates. Corporate Solutions represents a strategic growth priority for Mastercard in Brazil,...
-
Manager, Direct-To-Corporate, Business Development
1 semana atrás
Santana de Parnaíba, São Paulo, Brasil Mastercard Tempo inteiroManager, Direct-to-Corporate, Business DevelopmentJoin to apply for the Manager, Direct-to-Corporate, Business Development role at Mastercard.OverviewThe Corporate Solutions business is dedicated to delivering robust B2B payment solutions to Large Market corporates.Corporate Solutions represents a strategic growth priority for Mastercard in Brazil, with a...
-
Analista da Qualidade
3 semanas atrás
Santana de Parnaíba, São Paulo, Brasil Geraldiscos Tempo inteiroDescriçãoAnalisar e elaborar os procedimentos e forma de execução de cada tarefa, preparando listas de verificação com base nas recomendações das normas, visando identificar métodos de auditoria para esses procedimentos. DescriçãoAnalisar e elaborar os procedimentos e forma de execução de cada tarefa, preparando listas de verificação com base...
-
Business Growth Strategist
Há 5 dias
Santana de Parnaíba, São Paulo, Brasil beBeeGrowth Tempo inteiro R$4.000.000 - R$5.000.000Business Development ExecutiveThe role of a Business Development Executive is pivotal in driving growth and revenue for organizations through strategic partnerships, innovative solutions, and effective client engagement. We are seeking an experienced Business Development Executive to join our team in Brazil.This individual will be responsible for building...
-
Warehouse Assistant
2 semanas atrás
Santana de Parnaíba, São Paulo, Brasil Watson-Marlow Fluid Technology Solutions Tempo inteiro**Warehouse assistant (temporary)****Location: WM Brazil - Alameda Oceania, 63**We're currently seeking a Warehouse assistant (temporary) to join our team.You'll join a dynamic team of engineers, sales teams, marketers, administrators, designers, assemblers, chemists, web developers, accountants, analysts, programmers and many more.Globally we are united by...
-
Application Security Expert
Há 2 dias
Feira de Santana, Bahia, Brasil beBeeSecurity Tempo inteiro US$150.000 - US$200.000Job OverviewThis is a Senior Application Security Engineer role where you will be responsible for ensuring the security of our applications.Main Responsibilities:You will collaborate with development teams to identify and address potential security vulnerabilities.Drive security assessments for critical systems and APIs to ensure they are secure.You will...
-
Application Security Engineer
1 semana atrás
Rio de Janeiro, Rio de Janeiro, Brasil Varsity Tutors, a Nerdy Company Tempo inteiroJoin to apply for the Application Security Engineer role at Varsity Tutors, a Nerdy Company Overview We are seeking an experienced Application Security Engineer to serve as a trusted partner to our software development teams. This role focuses on making our product secure by design—embedding security into how software is architected, written, deployed,...
-
Senior Application Security Engineer
Há 4 horas
Rio de Janeiro, Rio de Janeiro, Brasil Rain Tempo inteiroOverviewJoin to apply for the Senior Application Security Engineer role at Rain.Rain is the fastest-growing earned wage access (EWA) fintech in the U.S., serving 3.5 million employees and backed by top investors like QED and Prosus.We've raised nearly $400M in funding—including the largest Series A in fintech history—and just closed our Series B to fuel...
-
Senior Application Security Engineer
1 semana atrás
Rio de Janeiro, Rio de Janeiro, Brasil Rain Tempo inteiroRain is the fastest-growing earned wage access (EWA) fintech in the U.S., serving 3.5 million employees and backed by top investors like QED and Prosus. We've raised nearly $400M in funding—including the largest Series A in fintech history—and just closed our Series B to fuel our next stage of hypergrowth.We are seeking a skilled and driven Senior...
-
Senior Application Security Engineer
Há 4 horas
Patos de Minas, Minas Gerais, Brasil Rain Tempo inteiroOverviewSenior Application Security Engineer role at Rain — join our Security team to secure Rain's application and cloud platforms.This role requires a proactive approach to secure software development and cloud-native defense, with collaboration across engineering and GRC teams.Key ResponsibilitiesCollaborate with development squads to validate...
-
Lead Application Security Expert
Há 7 dias
Rio de Janeiro, Rio de Janeiro, Brasil beBeeApplication Tempo inteiro US$100.000 - US$150.000Protecting our software is a top priority. As a seasoned Application Security Specialist, you will be instrumental in safeguarding our product by design.Key ResponsibilitiesYou will collaborate closely with our development teams to integrate security into every stage of the software development lifecycle.Identify, prioritize and implement robust security...
-
Senior Security Engineer
3 semanas atrás
Região Geográfica Intermediária de São Paulo, Brasil Nubank Tempo inteiroSenior Security Engineer - Regulatory Requirements Join to apply for the Senior Security Engineer - Regulatory Requirements role at Nubank Senior Security Engineer - Regulatory Requirements Join to apply for the Senior Security Engineer - Regulatory Requirements role at Nubank About NubankNubank was founded in 2013 to free people from a bureaucratic,...
-
Senior Cloud Security Architect
1 dia atrás
Greater Rio de Janeiro, Brasil beBeeDevSecops Tempo inteiro US$104.000 - US$130.878Senior DevSecOps Engineer RoleWe are seeking a highly skilled Senior DevSecOps Engineer to join our team. This role will be responsible for designing and implementing complex security solutions, working closely with engineering, operations, and security teams to ensure seamless integration and scalability.
-
Senior Java Engineer
2 semanas atrás
Rio de Janeiro, Rio de Janeiro, Brasil UMATR Tempo inteiroSenior Java Engineer | Security & Defence | Relocate to Abu Dhabi, UAE
-
Application Security Specialist
2 semanas atrás
Rio de Janeiro, Rio de Janeiro, Brasil RecargaPay Tempo inteiroCome Make an Impact on Millions of BraziliansAt RecargaPay, we're on a mission to deliver the best payment experience for Brazilian consumers and small businesses — by building a powerful digital ecosystem where the banked and unbanked connect, and where consumers and merchants have a one-stop shop for all their financial needs.We serve over 10 million...
