Return to jobs Return to jobs

Application Security Engineer



Posted over 30 days ago...

Join the forefront of the vacation rental industry at Lodgify, where your cybersecurity expertise will revolutionize SaaS product safety


icon Salary

No salary declared 😔

icon Location


icon Nomad Friendly?
icon Expires

Expires at anytime

Organisation summary: Lodgify, a rapidly expanding startup, is a leader in the vacation rental software market, having recently secured a $30M investment. Based in Barcelona, the company boasts a vibrant international team of 350+ members from over 60 nationalities, dedicated to providing property owners and managers with top-notch online business management and marketing solutions.

Role Summary:Implement and lead Secure Development Practices within the SSDLC framework.Design and review technical solutions with development teams to strengthen security.Identify necessary tools and processes for an application security program.Conduct threat modeling, secure coding, code reviews, and security testing.Train developers in secure coding best practices.Manage and improve the bug bounty program and coordinate the resolution of reported vulnerabilities.Optimize WAF protection and enhance the security of our public API.

Role Requirements:Minimum 3 years of experience as an Application Security Engineer, preferably in a SaaS environment.Expertise in web application security, OWASP Top 10, and threat modeling.Proficiency in code review and deployment of SAST and DAST solutions.Knowledge of programming languages such as .NET, ReactJS, Flutter, Python, Bash.Experience with API security tools and collaborative work with cross-functional teams.Additional credit for experience with WAF administration (Cloudflare), CI/CD, Kubernetes, and external penetration testing.

Why you’ll love working at Lodgify: You'll join a dynamic, international company with benefits like remote work flexibility, paid vacation, health insurance, meal and transport savings, office setup allowance, team-building events, Spanish classes, and a lucrative referral program.

Who we are

Lodgify is not just any startup, we're a fast-growing company leading the vacation rental industry with our innovative software. And we raised $30M to do exactly that!

Our platform empowers property owners and managers to efficiently manage and market their rental businesses online. We are an international team of more than 350 people and over 60 different nationalities, founded in the heart of sunny Barcelona. 

 Role Overview

Are you experienced in SaaS product development and passionate about cybersecurity? We're seeking a skilled Application Security Engineer to enhance our Software Development Life Cycle's security, automate workflows, review code, identify vulnerabilities, and contribute to overall application security.

If you're ready to make a significant impact in a fast-paced environment, apply now to join us in safeguarding cutting-edge SaaS products! 

⭐ How will you make an impact?

Lead the Implementation of Secure Development Practices: Work on a Secure Software Development Life Cycle (SSDLC) adoption, and integrate security practices into Lodgify’s existing development methodology. Work with our development teams by designing/reviewing technical solutions to avoid security weaknesses. Identify tools and processes needed to implement an application security program. Implement security-focused activities such as threat modeling, secure coding practices, code reviews, and security testing throughout the development process. Educate and encourage developers to follow secure coding best practices. Manage and enhance our existing bug bounty program, taking ownership of the coordination and resolution of vulnerabilities reported by external researchers. Review and understand issues, and provide guidance to our developers on how to fix them. Optimise our WAF protection against common Web Application vulnerabilities and attacks (Cloudflare). Contribute to improving the security of our public API, providing security recommendations and solutions.

⭐ What makes you a great fit?

3+ years of experience in an Application Security Engineer role, preferably in a SaaS company. In-depth knowledge of web application security, including common vulnerabilities, attack vectors, and mitigation techniques. Solid knowledge of OWASP Top 10 and understanding of OWASP testing guide. Demonstrated experience in threat modeling and identifying security issues through code review. Demonstrated experience in deploying SAST and DAST solutions and verifying their results. Proficiency in understanding and analyzing programming languages (e.g. .NET, ReactJS, Flutter, Python, Bash). Familiar with API security tools and processes. Ability to work collaboratively with cross-functional teams, including developers, QAs and DevOps engineers. Able to inculcate security culture among development teams.

⭐ How can you earn extra bonus points?

Experience with WAF administration (Cloudflare). Familiar with code management systems, CI/CD, Kubernetes, and microservices architecture. Familiar with managing external penetration testing processes and results.

Why you’ll love us:

You’ll be part of a growing, dynamic company with a truly international team. At Lodgify, we are full of contagious energy, hard work, and passion for what we do. We celebrate diversity and are proud to acknowledges a variety of backgrounds, perspectives and skills in our team; committed to creating a workplace where everyone is heard and feels a sense of belonging.

What's in it for you?

🏠 The freedom to work from home.

🌴 Enjoy 25 working days of paid vacation and Jornada Intensiva in August.

💊 Top-notch Cigna health insurance (includes travel insurance, dental plan, psychologist).

😋 Save on meals and transportation! Enjoy our Flexible Remuneration plan.

🖥️ Elevate your workspace. We provide a home-office setup allowance to ensure you have everything you need for a productive and comfortable work environment.

🎉 Travel to our biyearly team-building events in Barcelona at company's expense.

🇪🇸 Free Spanish classes.

🤑 Boost your earning potential with our referral program that offers paid compensation.

💟 Great culture & working environment with an international team of over 60 different nationalities.

So, what are you waiting for? Apply now!

All applications and CVs must be submitted in English 😉


Hire with Escape

Showcase your progressive organisation and post your open roles to the biggest UK community of purpose driven job seekers.

Get Started