3.342 Ofertas de Sr Security Engineer en España

We are Merlin Digital Partner ! A leading IT and Digital headhunting company who stands out from the crowd, boasting over a decade of experience. We've successfully collaborated and played a pivotal role in the growth of industry heavyweights such as Wallapop, Glovo, Banc Sabadell, among others.

Our partner, a rapidly growing startup, has created a debt recovery platform powered by IA , designed to improve recovery rates while maintaining respectful and personalized communication. And it's available in over 20 languages !

We know the world is flooded with AI we hear about it in events, articles, social media. even at the supermarket! But the truth is, when we talk about artificial intelligence, we refer to a project that is 100% developed with real AI . We have the Ultron gem!

Our vacancy

So, are you passionate about cybersecurity, risk management, and protecting critical assets? They are seeking a strategic and hands-on Security Manager to lead their security initiatives in a fast-paced, ever-evolving technology environment

This role offers the opportunity to shape security strategy, drive operational resilience, and make a measurable impact across the organization

What you'll be doing - Day to day

• Collaborate across a multi-cloud environment (AWS & GCP) to assess vulnerabilities, analyze root causes, and drive improvements in the security posture.
• Design, deploy, and maintain security services that detect vulnerabilities and lead remediation efforts.
• Utilize a combination of in-house and third-party tools to identify, report, and resolve vulnerabilities proactively.
• Support and guide compliance efforts across multiple frameworks including SOC2, HIPAA, PCI, FedRAMP, and ISO.
• Act as a security thought partner -providing insights, defining best practices, and aligning actions with broader business goals while minimizing effort and maximizing impact.

• 5+ years of experience as a Security Engineer.
• Strong hands-on experience with orchestration platforms, container runtimes, infrastructure as code, and cloud-native or multi-cloud environments (specifically AWS & GCP ).
• Proven ability to drive automation and operational efficiency through orchestration and effective collaboration.
• Data-savy: you know how to integrate, analyze, and communicate meaningful metrics from large-scale datasets.
• Comfortable working both independently and cross-functionally in afast-paced, high-growth, distributed team.
• Bonus: Experience in Python or TypeScript (they primarily use Node.js with TypeScript ).

• Be part of the company's growth from the ground up and make a tangible impact from day one.
• Ongoing learning opportunities , training, and exposure to other top-tier startups-grow as a team and as an individual .
• Autonomy to design and implement high-impact security strategies .
• Permanent contract and direct hire with our client .
• Hybrid work model based in Barcelona 3 days office 2 days at home, they are growing so they need a lot of blackboard!

We are Merlin Digital Partner ! A leading IT and Digital headhunting company who stands out from the crowd, boasting over a decade of experience. We've successfully collaborated and played a pivotal role in the growth of industry heavyweights such as Wallapop, Glovo, Banc Sabadell, among others.
Our partner, a rapidly growing startup, has created a debt recovery platform powered by IA , designed to improve recovery rates while maintaining respectful and personalized communication. And it's available in over 20 languages !
We know the world is flooded with AI we hear about it in events, articles, social media. even at the supermarket! But the truth is, when we talk about artificial intelligence, we refer to a project that is 100% developed with real AI . We have the Ultron gem!
Our vacancy
So, are you passionate about cybersecurity, risk management, and protecting critical assets? They are seeking a strategic and hands-on Security Manager to lead their security initiatives in a fast-paced, ever-evolving technology environment
This role offers the opportunity to shape security strategy, drive operational resilience, and make a measurable impact across the organization
What you'll be doing - Day to day

• Collaborate across a multi-cloud environment (AWS & GCP) to assess vulnerabilities, analyze root causes, and drive improvements in the security posture.
• Design, deploy, and maintain security services that detect vulnerabilities and lead remediation efforts.
• Utilize a combination of in-house and third-party tools to identify, report, and resolve vulnerabilities proactively.
• Support and guide compliance efforts across multiple frameworks including SOC2, HIPAA, PCI, FedRAMP, and ISO.
• Act as a security thought partner -providing insights, defining best practices, and aligning actions with broader business goals while minimizing effort and maximizing impact.

• 5+ years of experience as a Security Engineer.
• Strong hands-on experience with orchestration platforms, container runtimes, infrastructure as code, and cloud-native or multi-cloud environments (specifically AWS & GCP ).
• Proven ability to drive automation and operational efficiency through orchestration and effective collaboration.
• Data-savy: you know how to integrate, analyze, and communicate meaningful metrics from large-scale datasets.
• Comfortable working both independently and cross-functionally in afast-paced, high-growth, distributed team.
• Bonus: Experience in Python or TypeScript (they primarily use Node.js with TypeScript ).

• Be part of the company's growth from the ground up and make a tangible impact from day one.
• Ongoing learning opportunities , training, and exposure to other top-tier startups-grow as a team and as an individual .
• Autonomy to design and implement high-impact security strategies .
• Permanent contract and direct hire with our client .
• Hybrid work model based in Barcelona 3 days office 2 days at home, they are growing so they need a lot of blackboard!

We are Merlin Digital Partner , a leading IT and Digital headhunting company with over a decade of experience. We have successfully collaborated with industry giants such as Wallapop, Glovo, and Banc Sabadell.

Our partner , a rapidly growing startup, has developed a debt recovery platform powered by AI . This platform aims to improve recovery rates while maintaining respectful and personalized communication, and it is available in over 20 languages .

We understand the prominence of AI in today's world—discussed at events, in articles, on social media, and even in supermarkets. However, our project is 100% developed with real AI . We proudly have the Ultron gem !

Our vacancy

Are you passionate about cybersecurity, risk management, and protecting critical assets? We are seeking a strategic and hands-on Security Manager to lead security initiatives in a fast-paced, evolving technological environment.

This role offers the chance to shape security strategy, enhance operational resilience, and make a significant organizational impact.

What you'll be doing – Day to day

• Collaborate across a multi-cloud environment (AWS & GCP ) to assess vulnerabilities, analyze root causes, and improve security posture.
• Design, deploy, and maintain security services that detect vulnerabilities and lead remediation efforts.
• Use a combination of in-house and third-party tools to identify, report, and resolve vulnerabilities proactively.
• Support compliance efforts across frameworks like SOC2, HIPAA, PCI, FedRAMP, and ISO .
• Act as a security thought partner , providing insights, defining best practices, and aligning actions with business goals while minimizing effort and maximizing impact.

What they’re looking for:

• 5+ years of experience as a Security Engineer.
• Strong hands-on experience with orchestration platforms, container runtimes, infrastructure as code, and cloud-native/multi-cloud environments (specifically AWS & GCP ) .
• Proven ability to drive automation and operational efficiency through orchestration and collaboration.
• Data-savvy: capable of integrating, analyzing, and communicating meaningful metrics from large datasets.
• Comfortable working independently and cross-functionally in a fast-paced, high-growth, distributed team.
• Bonus: Experience with Python or TypeScript (they mainly use Node.js with TypeScript ).

What's in it for you:

• Be part of the company’s growth from the ground up and make a tangible impact from day one.
• Enjoy ongoing learning opportunities , training, and exposure to top-tier startups—grow as a team and as an individual .
• Gain autonomy to design and implement high-impact security strategies.
• Secure a permanent contract with direct hire by our client.
• Work in a hybrid model based in Barcelona: 3 days in the office and 2 days remote. As the team grows, more opportunities will arise!

Interested in joining us? Let's talk !

We are Merlin Digital Partner , a leading IT and Digital headhunting company with over a decade of experience. We have successfully collaborated with industry giants such as Wallapop, Glovo, and Banc Sabadell.

Our partner , a rapidly growing startup, has developed a debt recovery platform powered by AI . This platform aims to improve recovery rates while maintaining respectful and personalized communication, and it is available in over 20 languages .

We understand the prominence of AI in today's world—discussed at events, in articles, on social media, and even in supermarkets. However, our project is 100% developed with real AI . We proudly have the Ultron gem !

Our vacancy

Are you passionate about cybersecurity, risk management, and protecting critical assets? We are seeking a strategic and hands-on Security Manager to lead security initiatives in a fast-paced, evolving technological environment.

This role offers the chance to shape security strategy, enhance operational resilience, and make a significant organizational impact.

What you'll be doing – Day to day

• Collaborate across a multi-cloud environment (AWS & GCP ) to assess vulnerabilities, analyze root causes, and improve security posture.
• Design, deploy, and maintain security services that detect vulnerabilities and lead remediation efforts.
• Use a combination of in-house and third-party tools to identify, report, and resolve vulnerabilities proactively.
• Support compliance efforts across frameworks like SOC2, HIPAA, PCI, FedRAMP, and ISO .
• Act as a security thought partner , providing insights, defining best practices, and aligning actions with business goals while minimizing effort and maximizing impact.

What they’re looking for:

• 5+ years of experience as a Security Engineer.
• Strong hands-on experience with orchestration platforms, container runtimes, infrastructure as code, and cloud-native/multi-cloud environments (specifically AWS & GCP ) .
• Proven ability to drive automation and operational efficiency through orchestration and collaboration.
• Data-savvy: capable of integrating, analyzing, and communicating meaningful metrics from large datasets.
• Comfortable working independently and cross-functionally in a fast-paced, high-growth, distributed team.
• Bonus: Experience with Python or TypeScript (they mainly use Node.js with TypeScript ).

What's in it for you:

• Be part of the company’s growth from the ground up and make a tangible impact from day one.
• Enjoy ongoing learning opportunities , training, and exposure to top-tier startups—grow as a team and as an individual .
• Gain autonomy to design and implement high-impact security strategies.
• Secure a permanent contract with direct hire by our client.
• Work in a hybrid model based in Barcelona: 3 days in the office and 2 days remote. As the team grows, more opportunities will arise!

Interested in joining us? Let's talk !

We are Merlin Digital Partner , a leading IT and Digital headhunting company with over a decade of experience. We have successfully collaborated with industry giants such as Wallapop, Glovo, and Banc Sabadell.

Our partner , a rapidly growing startup, has developed a debt recovery platform powered by AI . This platform aims to improve recovery rates while maintaining respectful and personalized communication, and it is available in over 20 languages .

We understand the prominence of AI in today's world—discussed at events, in articles, on social media, and even in supermarkets. However, our project is 100% developed with real AI . We proudly have the Ultron gem !

Our vacancy

Are you passionate about cybersecurity, risk management, and protecting critical assets? We are seeking a strategic and hands-on Security Manager to lead security initiatives in a fast-paced, evolving technological environment.

This role offers the chance to shape security strategy, enhance operational resilience, and make a significant organizational impact.

What you'll be doing – Day to day

• Collaborate across a multi-cloud environment (AWS & GCP ) to assess vulnerabilities, analyze root causes, and improve security posture.
• Design, deploy, and maintain security services that detect vulnerabilities and lead remediation efforts.
• Use a combination of in-house and third-party tools to identify, report, and resolve vulnerabilities proactively.
• Support compliance efforts across frameworks like SOC2, HIPAA, PCI, FedRAMP, and ISO .
• Act as a security thought partner , providing insights, defining best practices, and aligning actions with business goals while minimizing effort and maximizing impact.

What they’re looking for:

• 5+ years of experience as a Security Engineer.
• Strong hands-on experience with orchestration platforms, container runtimes, infrastructure as code, and cloud-native/multi-cloud environments (specifically AWS & GCP ) .
• Proven ability to drive automation and operational efficiency through orchestration and collaboration.
• Data-savvy: capable of integrating, analyzing, and communicating meaningful metrics from large datasets.
• Comfortable working independently and cross-functionally in a fast-paced, high-growth, distributed team.
• Bonus: Experience with Python or TypeScript (they mainly use Node.js with TypeScript ).

What's in it for you:

• Be part of the company’s growth from the ground up and make a tangible impact from day one.
• Enjoy ongoing learning opportunities , training, and exposure to top-tier startups—grow as a team and as an individual .
• Gain autonomy to design and implement high-impact security strategies.
• Secure a permanent contract with direct hire by our client.
• Work in a hybrid model based in Barcelona: 3 days in the office and 2 days remote. As the team grows, more opportunities will arise!

Interested in joining us? Let's talk !

is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseyas bestinbreed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained strong doubledigit growth over the past several years and is backed by Insight Venture Partners ) a leading global private equity firm investing in highgrowth technology and software companies that drive transformative change in the industries they serve.

Founded in 2000 Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our awardwinning solutions go to and for more information on Kaseyas culture please click here : Kaseya Culture.

Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. We have achieved record levels of success being BOLD being GRITTY being ACCOUNTABLE. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers and the betterment of their careers and longterm financial wealth.

Position Overview

As an Application Security Engineer you will play a key role in ensuring that Kaseyas applications are secure by proactively identifying and mitigating security vulnerabilities within the code. Your primary focus will be to embed security into the development lifecycle ensuring applications are built with security at their core.

You will work closely with development teams to review code implement security best practices and identify vulnerabilities at all stages of development. You will be responsible for assessing code executing security testing and helping to embed secure coding practices across development processes.

Primary Responsibilities

Perform Security Assessments and Code Reviews : Conduct thorough security assessments focusing on identifying and mitigating vulnerabilities in application code. Perform secure code reviews to ensure that applications are secure by design.

Implement Security Best Practices : Develop implement and enforce security guidelines for developers to follow. Ensure that secure coding practices are followed throughout the software development lifecycle (SDLC).

Vulnerability Remediation : Work with development teams to address and resolve identified security vulnerabilities ensuring they are fixed efficiently and properly tested.

Security Testing Integration : Integrate security testing tools (e.g. Static Application Security Testing SAST Dynamic Application Security Testing DAST) into the development pipeline to identify vulnerabilities early in the development process.

Threat Modeling : Work with developers to perform threat modeling identifying potential security risks in the architecture and design of applications.

Continuous Improvement : Continuously research and apply new security techniques tools and methodologies to enhance the organizations application security posture.

Collaboration with Development Teams : Collaborate directly with development teams to ensure that security is integrated into every phase of application development from design to deployment.

Skills & Qualifications

Required

Experience with Vulnerability Assessment Tools : Familiarity with security tools such as SAST DAST and IAST (Interactive Application Security Testing) and experience with scanning and interpreting results to fix vulnerabilities.

Deep Knowledge of Web and Application Security : Strong understanding of common web application vulnerabilities (OWASP Top 10) such as SQL injection crosssite scripting (XSS) and crosssite request forgery (CSRF).

Experience with Threat Modeling : Knowledge of threat modeling frameworks and methodologies to identify potential security risks and mitigate them during development.

Proven ProblemSolving Skills : Ability to identify security flaws within application code and effectively collaborate with developers to resolve them.

Strong Communication Skills : Ability to clearly document security issues report findings and communicate with both technical and nontechnical stakeholders.

Preferred

Familiarity with Security Frameworks and Libraries : Experience working with security libraries and frameworks (e.g. Spring Security OWASP DependencyCheck etc.) to enhance application security.

Understanding of Security Automation : Experience in automating security testing within the CI / CD pipeline to ensure continuous security verification during development.

Cloud Security Knowledge : Experience securing cloudnative applications and familiarity with cloud security platforms (e.g. AWS Azure Google Cloud).

Education & Certifications

Minimum

Bachelors degree in Computer Science Cybersecurity or a related field .

At least one expertlevel security certification such as Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) or Certified Secure Software Lifecycle Professional (CSSLP).

Preferred

Additional certifications or coursework in application security or advanced threat modeling would be a plus.

Experience

Minimum

At least 2 years of experience in an application security engineering role focusing on secure coding vulnerability assessment and secure development practices.

5 years of experience in IT with significant handson experience in software development and application security.

Preferred

Over 10 years of experience in IT with an extensive focus on application security.

Experience with DevSecOps practices and embedding security within Agile and DevOps environments.

IND2

Join the Kaseya growth rocket ship and see how we are #ChangingLives !

Additional information

Kaseya provides equal employment opportunity to all employees and applicants without regard to race religion age ancestry gender sex sexual orientation national origin citizenship status physical or mental disability veteran status marital status or any other characteristic protected by applicable law.

Required Experience :

Senior IC

Key Skills

Employment Type : Full Time

Experience : years

Vacancy : 1

Application Engineer • Madrid, Madrid, Spain

Kaseya Madrid, Community of Madrid, Spain

Join or sign in to find your next job

Join to apply for the Sr. Application Security Engineer role at Kaseya

Kaseya Madrid, Community of Madrid, Spain

1 week ago Be among the first 25 applicants

Join to apply for the Sr. Application Security Engineer role at Kaseya

Kaseya is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseya’s best-in-breed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained, strong double-digit growth over the past several years and is backed by Insight Venture Partners a leading global private equity firm investing in high-growth technology and software companies that drive transformative change in the industries they serve.

Founded in 2000, Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our award-winning solutions, go to and for more information on Kaseya’s culture, please click here : Kaseya Culture.

Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers.

Position Overview

As an Application Security Engineer , you will play a key role in ensuring that Kaseya's applications are secure by proactively identifying and mitigating security vulnerabilities within the code. Your primary focus will be to embed security into the development lifecycle, ensuring applications are built with security at their core.

You will work closely with development teams to review code, implement security best practices, and identify vulnerabilities at all stages of development. You will be responsible for assessing code, executing security testing, and helping to embed secure coding practices across development processes.

Primary Responsibilities

• Perform Security Assessments and Code Reviews : Conduct thorough security assessments, focusing on identifying and mitigating vulnerabilities in application code. Perform secure code reviews to ensure that applications are secure by design.
• Implement Security Best Practices : Develop, implement, and enforce security guidelines for developers to follow. Ensure that secure coding practices are followed throughout the software development lifecycle (SDLC).
• Vulnerability Remediation : Work with development teams to address and resolve identified security vulnerabilities, ensuring they are fixed efficiently and properly tested.
• Security Testing Integration : Integrate security testing tools (e.g., Static Application Security Testing - SAST, Dynamic Application Security Testing - DAST) into the development pipeline to identify vulnerabilities early in the development process.
• Threat Modeling : Work with developers to perform threat modeling, identifying potential security risks in the architecture and design of applications.
• Continuous Improvement : Continuously research and apply new security techniques, tools, and methodologies to enhance the organization's application security posture.
• Collaboration with Development Teams : Collaborate directly with development teams to ensure that security is integrated into every phase of application development, from design to deployment.

Required

Skills & Qualifications

• Experience with Vulnerability Assessment Tools : Familiarity with security tools such as SAST, DAST, and IAST (Interactive Application Security Testing), and experience with scanning and interpreting results to fix vulnerabilities.
• Deep Knowledge of Web and Application Security : Strong understanding of common web application vulnerabilities (OWASP Top 10), such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF).
• Experience with Threat Modeling : Knowledge of threat modeling frameworks and methodologies to identify potential security risks and mitigate them during development.
• Proven Problem-Solving Skills : Ability to identify security flaws within application code and effectively collaborate with developers to resolve them.
• Strong Communication Skills : Ability to clearly document security issues, report findings, and communicate with both technical and non-technical stakeholders.

Preferred

• Familiarity with Security Frameworks and Libraries : Experience working with security libraries and frameworks (e.g., Spring Security, OWASP Dependency-Check, etc.) to enhance application security.
• Understanding of Security Automation : Experience in automating security testing within the CI / CD pipeline to ensure continuous security verification during development.
• Cloud Security Knowledge : Experience securing cloud-native applications and familiarity with cloud security platforms (e.g., AWS, Azure, Google Cloud).

Education & Certifications

Minimum

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
• At least one expert-level security certification, such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Secure Software Lifecycle Professional (CSSLP).

Preferred

• Additional certifications or coursework in application security or advanced threat modeling would be a plus.

Experience

Minimum

• At least 2+ years of experience in an application security engineering role, focusing on secure coding, vulnerability assessment, and secure development practices.
• 5+ years of experience in IT, with significant hands-on experience in software development and application security.

Preferred

• Over 10+ years of experience in IT, with an extensive focus on application security.
• Experience with DevSecOps practices and embedding security within Agile and DevOps environments.

IND2

Join the Kaseya growth rocket ship and see how we are #ChangingLives !

Additional Information

Kaseya provides equal employment opportunity to all employees and applicants without regard to race, religion, age, ancestry, gender, sex, sexual orientation, national origin, citizenship status, physical or mental disability, veteran status, marital status, or any other characteristic protected by applicable law. Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Kaseya by 2x

Get notified about new Senior Application Security Engineer jobs in Madrid, Community of Madrid, Spain .

Madrid, Community of Madrid, Spain 2 weeks ago

Madrid, Community of Madrid, Spain 2 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

J-18808-Ljbffr

Kaseya Madrid, Community of Madrid, Spain

Join or sign in to find your next job

Join to apply for the Sr. Application Security Engineer role at Kaseya

Kaseya Madrid, Community of Madrid, Spain

1 week ago Be among the first 25 applicants

Join to apply for the Sr. Application Security Engineer role at Kaseya

Kaseya is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseya’s best-in-breed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained, strong double-digit growth over the past several years and is backed by Insight Venture Partners a leading global private equity firm investing in high-growth technology and software companies that drive transformative change in the industries they serve.

Founded in 2000, Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our award-winning solutions, go to and for more information on Kaseya’s culture, please click here : Kaseya Culture.

Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers.

Position Overview

As an Application Security Engineer , you will play a key role in ensuring that Kaseya's applications are secure by proactively identifying and mitigating security vulnerabilities within the code. Your primary focus will be to embed security into the development lifecycle, ensuring applications are built with security at their core.

You will work closely with development teams to review code, implement security best practices, and identify vulnerabilities at all stages of development. You will be responsible for assessing code, executing security testing, and helping to embed secure coding practices across development processes.

Primary Responsibilities

• Perform Security Assessments and Code Reviews : Conduct thorough security assessments, focusing on identifying and mitigating vulnerabilities in application code. Perform secure code reviews to ensure that applications are secure by design.
• Implement Security Best Practices : Develop, implement, and enforce security guidelines for developers to follow. Ensure that secure coding practices are followed throughout the software development lifecycle (SDLC).
• Vulnerability Remediation : Work with development teams to address and resolve identified security vulnerabilities, ensuring they are fixed efficiently and properly tested.
• Security Testing Integration : Integrate security testing tools (e.g., Static Application Security Testing - SAST, Dynamic Application Security Testing - DAST) into the development pipeline to identify vulnerabilities early in the development process.
• Threat Modeling : Work with developers to perform threat modeling, identifying potential security risks in the architecture and design of applications.
• Continuous Improvement : Continuously research and apply new security techniques, tools, and methodologies to enhance the organization's application security posture.
• Collaboration with Development Teams : Collaborate directly with development teams to ensure that security is integrated into every phase of application development, from design to deployment.

Required

Skills & Qualifications

• Experience with Vulnerability Assessment Tools : Familiarity with security tools such as SAST, DAST, and IAST (Interactive Application Security Testing), and experience with scanning and interpreting results to fix vulnerabilities.
• Deep Knowledge of Web and Application Security : Strong understanding of common web application vulnerabilities (OWASP Top 10), such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF).
• Experience with Threat Modeling : Knowledge of threat modeling frameworks and methodologies to identify potential security risks and mitigate them during development.
• Proven Problem-Solving Skills : Ability to identify security flaws within application code and effectively collaborate with developers to resolve them.
• Strong Communication Skills : Ability to clearly document security issues, report findings, and communicate with both technical and non-technical stakeholders.

Preferred

• Familiarity with Security Frameworks and Libraries : Experience working with security libraries and frameworks (e.g., Spring Security, OWASP Dependency-Check, etc.) to enhance application security.
• Understanding of Security Automation : Experience in automating security testing within the CI / CD pipeline to ensure continuous security verification during development.
• Cloud Security Knowledge : Experience securing cloud-native applications and familiarity with cloud security platforms (e.g., AWS, Azure, Google Cloud).

Education & Certifications

Minimum

• Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
• At least one expert-level security certification, such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Secure Software Lifecycle Professional (CSSLP).

Preferred

• Additional certifications or coursework in application security or advanced threat modeling would be a plus.

Experience

Minimum

• At least 2+ years of experience in an application security engineering role, focusing on secure coding, vulnerability assessment, and secure development practices.
• 5+ years of experience in IT, with significant hands-on experience in software development and application security.

Preferred

• Over 10+ years of experience in IT, with an extensive focus on application security.
• Experience with DevSecOps practices and embedding security within Agile and DevOps environments.

IND2

Join the Kaseya growth rocket ship and see how we are #ChangingLives !

Additional Information

Kaseya provides equal employment opportunity to all employees and applicants without regard to race, religion, age, ancestry, gender, sex, sexual orientation, national origin, citizenship status, physical or mental disability, veteran status, marital status, or any other characteristic protected by applicable law. Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Kaseya by 2x

Get notified about new Senior Application Security Engineer jobs in Madrid, Community of Madrid, Spain .

Madrid, Community of Madrid, Spain 2 weeks ago

Madrid, Community of Madrid, Spain 2 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

J-18808-Ljbffr

is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseyas bestinbreed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained strong doubledigit growth over the past several years and is backed by Insight Venture Partners ) a leading global private equity firm investing in highgrowth technology and software companies that drive transformative change in the industries they serve.

Founded in 2000 Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our awardwinning solutions go to and for more information on Kaseyas culture please click here : Kaseya Culture.

Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. We have achieved record levels of success being BOLD being GRITTY being ACCOUNTABLE. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers and the betterment of their careers and longterm financial wealth.

Position Overview

As an Application Security Engineer you will play a key role in ensuring that Kaseyas applications are secure by proactively identifying and mitigating security vulnerabilities within the code. Your primary focus will be to embed security into the development lifecycle ensuring applications are built with security at their core.

You will work closely with development teams to review code implement security best practices and identify vulnerabilities at all stages of development. You will be responsible for assessing code executing security testing and helping to embed secure coding practices across development processes.

Primary Responsibilities

Perform Security Assessments and Code Reviews : Conduct thorough security assessments focusing on identifying and mitigating vulnerabilities in application code. Perform secure code reviews to ensure that applications are secure by design.

Implement Security Best Practices : Develop implement and enforce security guidelines for developers to follow. Ensure that secure coding practices are followed throughout the software development lifecycle (SDLC).

Vulnerability Remediation : Work with development teams to address and resolve identified security vulnerabilities ensuring they are fixed efficiently and properly tested.

Security Testing Integration : Integrate security testing tools (e.g. Static Application Security Testing SAST Dynamic Application Security Testing DAST) into the development pipeline to identify vulnerabilities early in the development process.

Threat Modeling : Work with developers to perform threat modeling identifying potential security risks in the architecture and design of applications.

Continuous Improvement : Continuously research and apply new security techniques tools and methodologies to enhance the organizations application security posture.

Collaboration with Development Teams : Collaborate directly with development teams to ensure that security is integrated into every phase of application development from design to deployment.

Skills & Qualifications

Required

Experience with Vulnerability Assessment Tools : Familiarity with security tools such as SAST DAST and IAST (Interactive Application Security Testing) and experience with scanning and interpreting results to fix vulnerabilities.

Deep Knowledge of Web and Application Security : Strong understanding of common web application vulnerabilities (OWASP Top 10) such as SQL injection crosssite scripting (XSS) and crosssite request forgery (CSRF).

Experience with Threat Modeling : Knowledge of threat modeling frameworks and methodologies to identify potential security risks and mitigate them during development.

Proven ProblemSolving Skills : Ability to identify security flaws within application code and effectively collaborate with developers to resolve them.

Strong Communication Skills : Ability to clearly document security issues report findings and communicate with both technical and nontechnical stakeholders.

Preferred

Familiarity with Security Frameworks and Libraries : Experience working with security libraries and frameworks (e.g. Spring Security OWASP DependencyCheck etc.) to enhance application security.

Understanding of Security Automation : Experience in automating security testing within the CI / CD pipeline to ensure continuous security verification during development.

Cloud Security Knowledge : Experience securing cloudnative applications and familiarity with cloud security platforms (e.g. AWS Azure Google Cloud).

Education & Certifications

Minimum

Bachelors degree in Computer Science Cybersecurity or a related field .

At least one expertlevel security certification such as Certified Information Systems Security Professional (CISSP) Certified Ethical Hacker (CEH) or Certified Secure Software Lifecycle Professional (CSSLP).

Preferred

Additional certifications or coursework in application security or advanced threat modeling would be a plus.

Experience

Minimum

At least 2 years of experience in an application security engineering role focusing on secure coding vulnerability assessment and secure development practices.

5 years of experience in IT with significant handson experience in software development and application security.

Preferred

Over 10 years of experience in IT with an extensive focus on application security.

Experience with DevSecOps practices and embedding security within Agile and DevOps environments.

IND2

Join the Kaseya growth rocket ship and see how we are #ChangingLives !

Additional information

Kaseya provides equal employment opportunity to all employees and applicants without regard to race religion age ancestry gender sex sexual orientation national origin citizenship status physical or mental disability veteran status marital status or any other characteristic protected by applicable law.

Required Experience :

Senior IC

Key Skills

Employment Type : Full Time

Experience : years

Vacancy : 1

Application Engineer • Madrid, Madrid, Spain