Senior Full Stack Security Developer

About The Position

Requirements

• Bachelor's degree in Computer Science, Engineering, or related field
• 5+ years of working experience with Laravel, PHP, and front-end technologies such as JavaScript, HTML, CSS and Angular framework
• 5+ years of hands-on experience with Java and SpringBoot
• 5+ years of experience working with RDBMS, e.g. MySQL, MSSQL, NoSQL, e.g. MongoDB, ELK and data streaming technologies (Kafka)
• Expert in OWASP, static/dynamic analysis, and common security tools including Burp Suite and OWASP Zap
• Strong skill in secure code review and remediation guidance
• Knowledge of API security, authentication/authorization (OAuth2, JWT, OpenID Connect)
• Understanding of secrets management and secure configuration practices
• Experience with CI/CD pipelines (Jenkins, GitHub, Vault, Security scanning tools, etc.)
• Familiarity with thread modeling methodologies (e.g. Stride, Pasta)
• Ability to work in an Agile environment
• Excellent and professional communication skills (written and verbal) with an ability to articulate complex topics in a clear and concise manner

Nice To Haves

• Familiarity with major architectural styles, such as Microservices, React or Event-driven systems
• Strong knowledge of Microservices architecture and API integration
• Experience using AI-assisted development tools (e.g. Github Copilot, Windsurf, Claude Code) to improve the productivity and quality
• Ability to design and build AI-enabled security tools, such as: Automated vulnerability triage and remediation suggestions; AI-driven threat modeling assistants; Intelligent code analysis and risk scoring systems
• Background in penetration testing or red teaming
• Knowledge of Azure and OpenShift container platform
• Knowledge of AI security risk
• CISSP certification

Responsibilities

• Lead application security reviews, threat modeling, and code reviews to identify and mitigate vulnerabilities before they reach production
• Own application security vulnerability management, from discovery through remediation and validation
• Design and implement automated security testing frameworks to enforce secure coding practices across the development lifecycle
• Manage security release cycles and coordinate security patches across the organization
• Support compliance and regulatory processes, including PCI certification, penetration testing, and annual security assessments
• Identify and recommend security improvements to strengthen our overall application security posture
• Mentor development and security teams through targeted training and knowledge-sharing initiatives
• Collaborate across multiple departments and stakeholders to integrate security into agile project workflows
• Champion security best practices as a trusted technical advisor

Benefits

• bonuses
• flexible benefits
• competitive compensation
• commissions
• stock where applicable
• Leaders who support your development through coaching and managing opportunities
• Ability to make a difference and lasting impact
• Work in a dynamic, collaborative, progressive, and high-performing team
• A world-class training program in financial services
• Flexible work/life balance options
• Opportunities to do challenging work