• Application Deadline:
• Position: Senior Application Security Engineer



• Job Type Full Time , Remote



• Qualification BA/BSc/HND



• Experience 5 years



• Location Nigeria




• Job Field ICT / Computer 
  
  

Job Summary

• As a Senior Security Engineer, you will champion secure innovation by embedding security into the fabric of our software development lifecycle.


• You'll partner closely with engineering teams to safeguard customer trust while they build cutting-edge services.


• Your expertise will directly shape secure design through threat modeling and code review, drive efficiency via security automation, and mentor developers to elevate our collective security posture.


• The ideal candidate is a technical leader who blends deep security expertise with exceptional influence.


• You possess broad security knowledge anchored by specialization in critical areas, and excel at translating complex risks into actionable insights for both engineers and executives.


• Your strength lies in harmonizing diverse perspectives, strategically prioritizing risks, and guiding partners to implement resilient, secure solutions that balance speed and safety.

Key Responsibilities

Security Strategy & Leadership:

• Define and execute security strategy for product teams, aligning with business objectives.


• Lead threat modeling, security architecture reviews, and design guidance for diverse software projects.


• Mentor engineers technically and professionally, fostering a culture of security excellence.

Advanced Technical Execution:

• Conduct adversarial security analysis using automated tools and manual techniques (e.g., custom exploit development).


• Perform manual/automated secure code reviews across Java, Python, JavaScript, and cloud-native stacks.


• Develop security automation tools to scale vulnerability detection (SAST/DAST/IAST enhancements).

Risk Mitigation & Innovation:

• Identify complex risks through offensive security research; advocate for cutting-edge mitigation technologies.


• Solve novel security problems lacking predefined solutions (e.g., zero-day vulnerabilities, emergent attack vectors).


• Maintain and evolve threat models for critical applications and microservices architectures.

Collaboration & Enablement:

• Partner with the engineering team to embed security controls into CI/CD pipelines and development practices.


• Design/deliver security training programs tailored to development teams and business stakeholders.


• Lead incident response for application security events and drive root-cause analysis.

Qualifications

Required

• 5+ years in application security, including 2+ years in a senior / lead role.


• Expertise in threat modeling (e.g., STRIDE, PASTA), penetration testing, and secure SDLC implementation.Proficiency in code review for Java/Python/JavaScript and cloud platforms (AWS/Azure/GCP).


• Hands-on experience building security tools (e.g., scanners, CI plugins) with Python/Go.


• Proven track record in security architecture design and risk-based decision-making.

Preferred:

• OSCP, OSCE, GXPN, or similar offensive security certifications.


• Contributions to security tooling/open-source projects.


• Experience with container security (Kubernetes, Docker), serverless, or infrastructure-as-code.

Skills:

• Leadership: Ability to define team strategy, mentor engineers, and influence stakeholders.


• Innovation: Aptitude for researching/implementing novel solutions to ambiguous security challenges.


• Technical Depth: Mastery of application security frameworks (OWASP, NIST) and exploit techniques.


• Communication: Translate technical risks to business impact for executives and engineers alike.


• Execution: Drive implementation of security controls.