Senior Application Security Engineer

About Atomicwork Atomicwork is reimagining IT and workplace operations by putting employees at the center of the experience. With a strong emphasis on automation, integration, and security, Atomicwork helps organizations streamline workflows, improve productivity, and reduce friction across employee and IT interactions. Role Overview We are looking for a Senior Application Security Engineer to join our growing engineering team. In this role, you will lead efforts to embed security best practices across the software development lifecycle, proactively identify and mitigate application risks, and collaborate with product and engineering teams to ensure secure design and implementation. You’ll play a critical role in strengthening the security posture of our cloud-native, AI-driven SaaS platform. Key Responsibilities Design and implementation of secure software architecture patterns across the platform. Conduct threat modeling, security design reviews, and code audits for critical features. Define and automate security tests (SAST, DAST, SCA) as part of the CI/CD pipeline. Manage and resolve application-layer vulnerabilities discovered via internal and external security assessments (e.g., OWASP Top 10, CVEs). Collaborate with developers to ensure secure coding practices through training, tooling, and mentorship. Evaluate and integrate security technologies to support secure service-to-service communication, secrets management, and identity and access control. Stay up-to-date with the latest vulnerabilities, exploits, and mitigation techniques in modern web/AI applications. Assist with incident response and root cause analysis for security events. Partner with DevOps to ensure secure deployment configurations and container security. Qualifications 8+ years of experience in application security, with strong knowledge of modern web application architectures (REST APIs, GraphQL, OAuth2, JWT, etc.). Proficiency in secure coding practices in at least one major language (Python/Java, JavaScript/Typescript, or similar). Proficient in both Static and Dynamic Application Security Testing (SAST, DAST, IAST), and Software Composition Analysis (SCA). Experience with security scanning tools (e.g., SonarQube, Snyk, Checkmarx) and hands-on remediation guidance. Deep understanding of cloud security principles (preferably AWS). Familiarity with container security (Docker, Kubernetes) and infrastructure-as-code (Terraform). Strong command of OWASP Top 10 with practical knowledge of attack vectors and mitigation strategies. Strong analytical and communication skills with the ability to influence engineering teams. Security certifications such as : OSCP, OSWE, OSEP, ECSA|LPT, CPT, CEH, GWAPT, or CSSLP are a plus. Why we are different (culture) As a part of Atomicwork, you can shape our company and business from idea to production. Our cultural values also set the bar high, helping us create a better workplace for everyone. Autonomy: We champion self-direction to deliver customer success, empowering teams and individuals to deliver peak performance. Trust: We unwaveringly believe in our colleagues' positive intentions, approaching every interaction with trust to accelerate execution. Ownership: We demonstrate unwavering commitment to our mission and goals, taking full responsibility for triumphs and setbacks. Mastery: We relentlessly pursue continuous self-improvement as individuals and teams, dedicating ourselves to constant learning and growth. Impatience: We recognize that our world moves swiftly and is driven by an unyielding desire to progress with every endeavor. Customer Obsession: We place our customers at the heart of everything we do, relentlessly seeking to understand their needs and exceed their expectations. What we offer (compensation and benefits) We are big on benefits that make sense to you and your family. Fantastic team —the #1 reason why everybody joins us. Convenient offices — well-located offices spread over five different cities. Flexible work timings — you get to decide how you want to work. Paid time off — Unlimited sick leaves and 24 days off every year. Health insurance — comprehensive health coverage for your entire family. Great hardware — premium Apple hardware to help you do your best work. Flexible allowances — with hassle-free reimbursements across spends. Team events — we cover team meet-ups and celebrations for milestones. Annual outings — for everyone to have fun together.