Jobs · greenhouse:datacamp

D

Senior Application Security Engineer

Meridian Softworks · Portugal · Posted 21d ago

remoteFull-timesenior5-8 yrsEstimated 100k-225k USD🇵🇹 Portugal
Apply on greenhouse:datacamp

About the role

Own the security posture of software and development practices, embedding security in engineering workflows.

About DataCamp DataCamp's mission is to empower everyone with the data and AI skills essential for 21st-century success. By providing practical, engaging learning experiences, DataCamp equips learners and organizations of all sizes to harness the power of data and AI. As a trusted partner to over 17 million learners and 6,000+ companies , including 80% of the Fortune 1000, DataCamp is leading the charge in addressing the critical data and AI skills shortage. About the role We are looking for a Senior Application Security Engineer to join our Engineering team and own the security posture of our software and development practices. This is a hands-on role for someone with a strong software engineering background who is genuinely passionate about security - not a traditional infosec role, but one that sits at the intersection of engineering and security. You will be our primary security expert embedded in the Engineering organization, acting as the first responder on security topics - from bug bounty programs and penetration testing to vulnerability management and security risk tracking. You will work closely with our engineering teams to embed security guardrails into our development workflows, including our growing AI-assisted and Agentic development practices. We are ISO 27001 certified and take our compliance obligations seriously. You will play a key role in ensuring our controls remain in place, evolving our security awareness program, and continuously improving the tools and practices that keep us ahead of the curve. About you At DataCamp, we seek individuals who embody our core values of data-driven decision-making, action, transparency, ownership, and customer focus. You thrive in a fast-paced, high-performing environment and are driven by a passion for making a meaningful impact. You're adaptable, embracing change and ambiguity with enthusiasm. Your initiative and entrepreneurial spirit push you beyond just meeting targets—you aim to understand the "why" behind our goals and take ownership to drive the business forward. You’re a collaborative team player who values transparency and always seeks to improve and innovate. If this sounds like you, we encourage you to apply! Responsibilities Own vulnerability management end-to-end: triage, prioritize, track, and drive remediation across the engineering organization Act as the first responder from Engineering on security topics, including bug bounty programs, penetration testing engagements, and security incidents Maintain and evolve our application security tooling (JFrog X-Ray, SonarCloud, OWASP ZAP) and integrate security checks into CI/CD pipelines Partner with engineering teams to embed security guardrails into development workflows - including AI-assisted and Agentic development practices Drive adoption of secure coding standards and OWASP best practices across the engineering organization (OWASP Top 10 for Web and API) Support and evolve our ISO 27001 compliance program, ensuring controls are in place, monitored, and continuously improved Run and evolve our annual security awareness training for developers Track and communicate security risks to engineering leadership and relevant stakeholders Evaluate and adopt new security tools and practices as the threat landscape and our technology evolve Qualifications 6+ years of software engineering or application security experience, with a strong coding background - you can read, write, and review code across multiple languages Strong TypeScript/Node.js experience; good knowledge of Kubernetes, and AWS Deep understanding of application security concepts: OWASP Top 10 (Web and API), vulnerability management, secure SDLC, and threat modeling Hands-on experience with application security tooling such as SAST, DAST, and SCA - experience with JFrog X-Ray, SonarCloud, or OWASP ZAP is a plus Experience coordinating or participating in bug bounty programs and penetration testing engagements Experience working within ISO 27001 or similar compliance frameworks - experience with compliance monitoring tools (e.g., Vanta) is a plus Experience integrating security practices into CI/CD pipelines and developer workflows Able to take a security initiative from problem identification through to implementation - you drive things to completion and don't wait to be pushed Already working with AI-assisted development tools (e.g., Claude Code, Cursor) in your day-to-day workflow, with solid understanding of AI Engineering concepts and Agentic systems - including the security implications they introduce Startup, scale-up, or small-company experience - You have worked in environments where teams are small, ownership is broad, priorities shift quickly, and you are expected to make progress without a large support structure. Strong communication skills - you can explain complex security topics to engineers and non-technical stakeholders alike Comfortable working across engineering teams without direct authority - you communicate security risks clearly and pragmatically, without blocking delivery Why Meridian Softworks? Joining DataCamp means becoming part of a dynamic, creative, and international start-up. Here are just a few of the reasons why you’ll love being on our team: Exciting challenges: Face new technical challenges daily, keeping your work engaging and rewarding. Competitive compensation: We offer a competitive salary with attractive benefits. Flexibility: Benefit from flexible working hours because the future is flexible! Continuous learning: Access a yearly learning budget for conferences & training to support your professional growth. Global retreats: Participate in international company retreats, fostering a global team spirit. Equipment: Yearly refreshment of your IT Equipment budget for your home working setup. Amazing team: Collaborate with a truly exceptional team—seriously, we’re awesome!

Read the full posting on greenhouse:datacamp

Why this role stands out

  • Hiring worldwide — no location constraint
  • Early-stage startup — outsized ownership and impact

FAQ

Is the Senior Application Security Engineer role at Meridian Softworks remote?+

This Senior Application Security Engineer position is listed as remote (Portugal).

What is the salary for the Senior Application Security Engineer role at Meridian Softworks?+

The listing states Estimated 100k-225k USD.

What seniority level is this Senior Application Security Engineer role?+

This is a senior level position.

How do I apply for the Senior Application Security Engineer role at Meridian Softworks?+

Use the "Apply on greenhouse:datacamp" button to open the original posting on greenhouse:datacamp, where you can submit your application directly to Meridian Softworks.