Application Security Engineer

Parallels Inc Remote, US,
$120,000 - $130,000Remote

About The Position

Parallels is seeking a highly motivated and talented Application Security Engineer to join our team. In this role, you will make security decisions that impact millions of our customers while gaining hands-on experience in exploit development and CVE discovery. The ideal candidate will combine an attacker mindset with the humility and detail-oriented attitude required to coordinate fixes and security architecting with busy engineers. Your primary responsibility will be to coordinate with more senior members of our team to write exploits and design fixes for existing application vulnerabilities. You will also help search for new critical/high risk vulnerabilities in our codebase. In addition, you will assist in vulnerability disclosure processes and help implement repeatable secure development practices. As issues are uncovered, you will communicate with the appropriate technical and leadership teams to ensure a focus on risk mitigation – allowing for business continuity, but without negligent risk. Application security engineers are constantly assessing applications for weaknesses and finding resolutions before they can be abused.

Requirements

  • An attacker mindset: engineers will often want proof before fixes are implemented
  • Eagerness to learn – you are not expected to know everything coming in, but you should continuously learn new techniques on the job
  • The ability to communicate clearly, acknowledge mistakes, and disagree when necessary
  • Demonstrable passion for offensive security
  • Experience reading, writing and debugging C++ and Python code
  • Basic experience with memory exploitation techniques
  • Demonstrable experience with web exploitation techniques and tools (e.g. PortSwigger lab scoreboards)
  • Excellent written and oral communication skills

Nice To Haves

  • BSc/MS in computer science or a related field
  • Previous CVEs in desktop applications
  • Proficiency with reverse engineering tools
  • Significant experience in memory exploitation techniques (e.g. gaining code execution from memory vulnerabilities in modern operating systems)
  • Familiarity with cloud security best practices
  • 3+ years of industry experience
  • OSCP/OSWE/OSED/RET2 certification

Responsibilities

  • Reproduce and triage incoming vulnerabilities from security automation/bug bounty programs, then propose granular fixes to engineers
  • Discover vulnerabilities and construct exploits for core Parallels applications such as Parallels Remote Application Server
  • Assist in the CVE disclosure process
  • Provide threat models and design reviews for teams throughout the company
  • Assist in tuning existing static analysis, dynamic analysis, and dependency management tools

Benefits

  • Equal employment opportunities to all qualified applicants and employees without regard to race, color, age, religion, national origin, sex, political affiliation, sexual orientation, marital status, disability, veteran status, genetics, or any other protected characteristic.
  • Inclusive, barrier-free recruitment and selection process and work environment.
  • Accommodations required for job opportunities.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service