# Application Security Engineer

Remote from[UK](https://jobicy.com/job-region/uk.md), [Europe](https://jobicy.com/job-region/europe.md) +3 more, [Germany](https://jobicy.com/job-region/germany.md), [Netherlands](https://jobicy.com/job-region/netherlands.md), [Czechia](https://jobicy.com/job-region/czechia.md)Salary, yearly, EUR 75,000                             - 240,000Department  [Cybersecurity](https://jobicy.com/categories/cybersecurity.md) Employment type Full Time, Job posted16 Jun 2026Apply before16 Jul 2026Experience level  Midweight
Views / Applies 1128 / 50 [About company](https://jobicy.com/company/nebius.md)

* Share About [Nebius](https://jobicy.com/company/nebius.md)

Nebius is the AI cloud company, delivering a unified platform that spans the complete AI journey from data and model training and tuning to production runtime and deployment.

[Computer Software](https://jobicy.com/company-category/software.md)
*  2023

Actively Hiring  Verified job posting This job post has been [manually reviewed](https://jobicy.com/tools/help-center/employee/how-does-jobicy-verify-the-legitimacy-of-remote-job-listings.md) for authenticity and compliance.

###  AI Summary

Nebius is seeking an Application Security Engineer to fortify its AI cloud platform. The role involves building and maintaining ASPM tools, identifying vulnerabilities, and collaborating with development teams to integrate security into the SDLC. Candidates need 4+ years of experience, proficiency in secure coding and penetration testing, and knowledge of OWASP Top 10. The company offers competitive compensation and a fast-paced, innovative environment. This position is ideal for a self-driven security expert passionate about protecting cutting-edge AI infrastructure.

### Role DNA

Job Complexity Easy Hard Pace & Pressure Relaxed Fast-paced Autonomy Level Guided Full Ownership Communication Load Independent Highly Collaborative

AI Insight The role requires 4+ years of experience, deep technical skills in secure coding, vulnerability assessment, and penetration testing, along with the ability to collaborate and work independently, making it a challenging position.

### Salary Analysis

Median  Above Market  EUR157,500EU Market EUR60k – 150k 0 EUR173k      AI Insight The offered salary range of €75,000 to €240,000 is competitive, with a median of €157,500, which is above the European market average for this role. The wide range reflects potential for seniority and location adjustments.

### Core Skills Required

[Application Security](https://jobicy.com/jobs?search_keywords=Application+Security.md) [OWASP Top 10](https://jobicy.com/jobs?search_keywords=OWASP+Top+10.md) [Penetration Testing](https://jobicy.com/jobs?search_keywords=Penetration+Testing.md) [Secure Coding](https://jobicy.com/jobs?search_keywords=Secure+Coding.md) [Vulnerability Assessment](https://jobicy.com/jobs?search_keywords=Vulnerability+Assessment.md) [Threat Modeling](https://jobicy.com/jobs?search_keywords=Threat+Modeling.md) [Burp Suite](https://jobicy.com/jobs?search_keywords=Burp+Suite.md) [Python](https://jobicy.com/jobs?search_keywords=Python.md) [Go](https://jobicy.com/jobs?search_keywords=Go.md) [SDLC](https://jobicy.com/jobs?search_keywords=SDLC.md)

### Cover Letter Sample

Dear Hiring Team,

I am writing to express my interest in the Application Security Engineer position at Nebius. With over 4 years of experience in application security, I have a strong track record of identifying and mitigating vulnerabilities, implementing secure coding practices, and collaborating with development teams. My expertise includes conducting manual and automated penetration testing, threat modeling, and using tools like Burp Suite and Semgrep. I am particularly drawn to Nebius's mission of leading AI cloud infrastructure and am eager to contribute to securing your platform. Thank you for considering my application.

Sincerely,
[Your Name]

Copy

### Sample Interview Questions

Describe your experience with OWASP Top 10 and how you have mitigated these vulnerabilities in past projects.I have extensive experience with OWASP Top 10, having worked on web applications where I mitigated SQL injection by using parameterized queries, XSS by input sanitization, and CSRF by implementing anti-CSRF tokens. I also conducted regular scans and code reviews to ensure compliance.How would you integrate security into a CI/CD pipeline?I would incorporate security scanning tools like SAST (e.g., Semgrep) and DAST (e.g., OWASP ZAP) into the pipeline, set thresholds for severity levels, and automate vulnerability assessments. Additionally, I would enforce secure coding standards and conduct peer reviews.Can you explain the process of threat modeling you use?I typically follow the STRIDE methodology, identifying threats for each component, then prioritizing based on impact and likelihood. I use tools like Microsoft Threat Modeling Tool and collaborate with developers to mitigate risks early.Describe a challenging vulnerability you found and how you remediated it.I once discovered a remote code execution vulnerability in a legacy application. I worked with the development team to apply input validation, update dependencies, and implement a web application firewall rule as a temporary fix until a patch was deployed.How do you stay updated with the latest security threats?I follow security blogs, subscribe to mailing lists like OWASP and SANS, attend conferences, and participate in CTF competitions. I also review CVE databases and apply relevant patches to our systems.  About Nebius:

Nebius is leading a new era in cloud infrastructure for the global AI economy. We are building a full-stack AI cloud platform that supports developers and enterprises from data and model training through to production deployment, without the cost and complexity of building large in-house AI/ML infrastructure.

Built by engineers, for engineers. From large-scale GPU orchestration to inference optimization, we own the hard problems across compute, storage, networking and applied AI.

Listed on Nasdaq (NBIS) and headquartered in Amsterdam, we have a global footprint with R&D hubs across Europe, the UK, North America and Israel. Our team of 1,500+ includes hundreds of engineers with deep expertise across hardware, software and AI R&D.

The role

The Security Engineering Team within the Platform Security organization is responsible for the strategic selection, implementation, management, and optimization of cybersecurity tools and technologies that improve security capabilities of the organization’s platform. This team is instrumental in fortifying the security posture, proactively identifying and responding to security threats, ensuring the resilience and protection of critical data, systems, and services.

We are looking for an Application Security Engineer who will ensure the security of our software by identifying and mitigating vulnerabilities, implementing best security practices, and collaborating with development teams. The ideal candidate will have a strong background in secure coding, vulnerability assessment, and penetration testing.

Your responsibilities will include:

*

Build and maintain ASPM tools and their rules.

*

Identify, analyze, and remediate application security vulnerabilities using tools like ASPM.

*

Collaborate with development teams to integrate security best practices into the software development lifecycle (SDLC).

*

Conduct manual and automated penetration testing of applications.

*

Develop and maintain secure coding guidelines for development teams.

*

Facilitate threat modeling and risk assessments on new and existing applications.

*

Stay updated on the latest security threats, vulnerabilities, and mitigation techniques.

*

Serve as an application security subject matter expert to other teams.

We expect you to have:

*

4+ years of experience in application security.

*

Strong knowledge of common application security risks (e.g. OWASP Top 10) and how to mitigate them.

*

Experience with secure coding practices in languages such as Python, Go, Java, or JavaScript.

*

Proficiency in a common programming language (such as Go or Python) with a willingness to learn Go, if necessary.

*

Hands-on experience with security testing tools (Burp Suite, ZAP, Semgrep, etc.).

*

Understanding of authentication protocols like SAML or OIDC.

*

Experience in conducting threat-modeling sessions.

*

Strong problem-solving and analytical skills.

*

Good written and verbal communication skills in English.

*

Willingness to learn new things.

*

Being comfortable working independently.

It would be an added bonus if you had:

* Confidence in presenting your ideas and opinions in a manner that can be challenged, while responding well to feedback.
*

Experience in designing, building, and maintaining security automation.

*

Experience in translating compliance and regulation requirements into technical specifications.

*

Experience in exploiting vulnerabilities in web applications, Linux kernels, containers, and networks.

*

Security certifications such as OSCP or OSWE.

We conduct coding interviews as part of the process.

Pay Transparency

We offer competitive compensation and benefits packages. Actual compensation will be determined based on job-related factors, including experience, skills, qualifications, the level at which the candidate is hired, and geographic location, consistent with applicable law.

Base Compensation Range€75.000—€240.000 EUR

Benefits & Perks:

* Competitive compensation
* Career growth and learning opportunities
* Flexibility and ownership
* Collaborative and innovative culture
* Opportunity to work on impactful AI projects
* International environment and talented teams

What’s it like to work at Nebius:

Fast moving – Bold thinking – Constant growth – Meaningful impact – Trust and real ownership – Opportunity to shape the future of AI

Equal Opportunity Statement:

Nebius is an equal opportunity employer. We are committed to fostering an inclusive and diverse workplace and to providing equal employment opportunities in all aspects of employment. We do not discriminate on the basis of race, color, religion, sex (including pregnancy), national origin, ancestry, age, disability, genetic information, marital status, veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by applicable law.

Applicants must be authorized to work in the country in which they apply and will be required to provide proof of employment eligibility as a condition of hire.

If you need accommodations during the application process, please let us know.

Show more

[Apply now >](https://jobicy.com/jobs/146769-application-security-engineer-2.md)

*

![Upload CV](data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSI2NSIgaGVpZ2h0PSI2NSIgZmlsbD0ibm9uZSIgeG1sbnM6dj0iaHR0cHM6Ly92ZWN0YS5pby9uYW5vIj48ZyBjbGlwLXBhdGg9InVybCgjQSkiPjxwYXRoIGQ9Ik0wIDBINjVWNjVIMFYwWiIgZmlsbD0iIzAyOWFlYiIvPjxnIGZpbGw9IiNmZmYiIHN0cm9rZT0iI2ZmZiIgc3Ryb2tlLXdpZHRoPSIyIj48cGF0aCBkPSJNMzMuMDQ5IDE1LjQ1NGExLjQzIDEuNDMgMCAwIDAtMi4wOTcgMGwtNy41NzkgOC4xNDdhMS4zOCAxLjM4IDAgMCAwIC4wOSAxLjk3MyAxLjQ0IDEuNDQgMCAwIDAgMi4wMDgtLjA4OGw1LjEwOS01LjQ5MnYyMC42MWExLjQxIDEuNDEgMCAwIDAgMS40MjEgMS4zOTdjLjc4NSAwIDEuNDIxLS42MjUgMS40MjEtMS4zOTd2LTIwLjYxbDUuMTA5IDUuNDkyYTEuNDQgMS40NCAwIDAgMCAyLjAwOC4wODggMS4zOCAxLjM4IDAgMCAwIC4wOS0xLjk3M2wtNy41NzktOC4xNDZ6TTE2Ljc2OSAzOC40YzAtLjc3My0uNjItMS40LTEuMzg1LTEuNFMxNCAzNy42MjcgMTQgMzguNHYuMTAybC4yMTUgNi4yMjljLjIyMyAxLjY4LjcwMSAzLjA5NSAxLjgxMyA0LjIxOHMyLjUxIDEuNjA3IDQuMTcyIDEuODMzYzEuNi4yMTggMy42MzYuMjE4IDYuMTYuMjE4aDExLjI4bDYuMTYtLjIxOGMxLjY2Mi0uMjI2IDMuMDYxLS43MDkgNC4xNzItMS44MzNzMS41ODktMi41MzggMS44MTMtNC4yMThDNTAgNDMuMTEzIDUwIDQxLjA1NSA1MCAzOC41MDNWMzguNGMwLS43NzMtLjYyLTEuNC0xLjM4NS0xLjRzLTEuMzg1LjYyNy0xLjM4NSAxLjRsLS4xOSA1Ljk1OGMtLjE4MiAxLjM3LS41MTUgMi4wOTUtMS4wMjYgMi42MTJzLTEuMjI4Ljg1My0yLjU4MyAxLjAzOGMtMS4zOTUuMTktMy4yNDMuMTkzLTUuODkzLjE5M0gyNi40NjJjLTIuNjUgMC00LjQ5OC0uMDAzLTUuODkzLS4xOTMtMS4zNTUtLjE4NC0yLjA3Mi0uNTIxLTIuNTgzLTEuMDM4cy0uODQ0LTEuMjQyLTEuMDI2LTIuNjEyYy0uMTg3LTEuNDEtLjE5MS0zLjI3OS0uMTkxLTUuOTU4eiIvPjwvZz48L2c+PGRlZnM+PGNsaXBQYXRoIGlkPSJBIj48cGF0aCBmaWxsPSIjZmZmIiBkPSJNMCAwaDY1djY1SDB6Ii8+PC9jbGlwUGF0aD48L2RlZnM+PC9zdmc+)

### Upload your resume now

To unlock remote work opportunities and be discovered by global employers.

This job listing has been manually reviewed by the Jobicy Trust & Safety Team for compliance with our posting guidelines, including verification of the company's legitimacy, accuracy of job details, clarity of remote work policy, and absence of misleading or fraudulent content.

## How to apply

## See a few more

Similar Cybersecurity remote jobs

*
![Liberty Mutual logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2021/08/a0f68d769896c0f098621799a6396382.jpeg)

Liberty Mutual

### [Assistant Director or Director, Global Cyber Insurance Strategy & Alignment](https://jobicy.com/jobs/148623-assistant-director-or-director-global-cyber-insurance-strategy-alignment.md)

Description Liberty Mutual Insurance is seeking a dynamic and highly motivated Assistant Director or Director to join our Global Cyber Insurance Strategy & Alignment team. This multifaceted role blends program…

![USA flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/us.svg)
US•Full TimeJul 3*
![ERNI logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2026/07/e3fa52100780-221.webp)

ERNI

### [Cybersecurity Analyst (Entry Level)](https://jobicy.com/jobs/148516-cybersecurity-analyst-entry-level.md)

ERNI is a fast-growing Software Development company headquartered and founded in Switzerland in 1994, with more than 800 employees. We are highly specialized in IT & software engineering to enable and…

![Philippines flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/ph.svg)
PH•Full TimeJul 3*
![Smartsheet logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/06/8b6103bd-221.jpg)

Smartsheet

### [Senior Security Engineer II, Application Security (Remote Eligible)](https://jobicy.com/jobs/147873-senior-security-engineer-ii-application-security-remote-eligible.md)

For over 20 years, Smartsheet has empowered teams to manage work seamlessly and scale solutions smarter. Now, in our most ambitious chapter yet, we are uniting human teams with AI…

![USA flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/us.svg)
US•Full TimeUSD 175k-245k/year*
![Vercel logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/06/a6aded72-221.png)

Vercel

### [Security Software Engineer, IAM](https://jobicy.com/jobs/147750-security-software-engineer-iam.md)

About Vercel: Vercel is the agentic infrastructure company. We free people and agents to ship what’s next. For more than a decade, Vercel has shaped how the web is built….

![USA flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/us.svg)
US•Full TimeUSD 208k-312k/year*
![Synthesia logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2026/06/c69aad11-221.webp)

Synthesia

### [Application Security Engineering Manager](https://jobicy.com/jobs/146803-application-security-engineering-manager.md)

Synthesia is the world’s leading AI video platform for business, used by over 90% of the Fortune 100. Founded in 2017, the company is headquartered in London, with offices and…

![UK flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/gb.svg)

![Europe flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/eu.svg)
GB, EU•Full TimeJun 16*
![Experian logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2021/09/dcc5b29a570bb19b9f5c3e150db2fdfe.jpg)

Experian

### [Cyber Defense Senior Analyst](https://jobicy.com/jobs/146651-cyber-defense-senior-analyst.md)

Company DescriptionExperian is a global data and technology company, powering opportunities for people and businesses around the world. We help to redefine lending practices, uncover and prevent fraud, simplify healthcare,…

![USA flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/us.svg)
US•Full TimeJun 16*
![Fivetran logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/06/3b8e4532-221-1.jpg)

Fivetran

### [Lead Sales Engineering Specialist – Security](https://jobicy.com/jobs/146498-lead-sales-engineering-specialist-security.md)

From Fivetran’s founding until now, our mission has remained the same: to make access to data as simple and reliable as electricity. With Fivetran, customer data arrives in their warehouses,…

![EMEA flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/emea.svg)

![Ireland flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/ie.svg)
EMEA, IE•Full TimeJun 14*
![Truelogic logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/06/e7ae6cb6-221-1.png)

Truelogic

### [Senior SecOps Automation Engineer – Consumer FinTech](https://jobicy.com/jobs/146284-senior-secops-automation-engineer-consumer-fintech.md)

About TruelogicAt Truelogic we are a leading provider of nearshore staff augmentation services headquartered in New York. For over two decades, we’ve been delivering top-tier technology solutions to companies of…

![LATAM flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/latam.svg)
LATAM•Full TimeJun 12*
![Pair Team logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/06/105c0d0c-221.png)

Pair Team

### [Senior Security Engineer](https://jobicy.com/jobs/146199-senior-security-engineer.md)

About Pair TeamPair Team is building a new kind of healthcare system across Medicaid, Medicare, and public assistance programs: one that recognizes that access to housing, nutritious food, and reliable…

![USA flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/us.svg)
US•Full TimeUSD 170k-190k/year*
![ECS logo](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2025/06/e346542a-221.png)

ECS

### [Computer Security System Specialist](https://jobicy.com/jobs/146111-computer-security-system-specialist.md)

ECS is seeking an experienced Computer Security System Specialist to work remotely providing cybersecurity support for the work performed under this contract for NIH NIAID Enabling and Advancing Technologies (NEAT). All other tasks…

![USA flag](https://cloud.jobicy.com/nyc4-cold/img/round-flags/us.svg)
US•Full TimeJun 10
[More Jobs](https://jobicy.com/jobs.md)