Application Security Engineer - Global SaaS

Posted Today by Principle HR

Negotiable
Inside
Hybrid
Dublin

Summary: The role of Application Security Engineer involves assessing and triaging vulnerability reports for a global enterprise SaaS company. The position requires hands-on experience in application security, including pentesting and bug bounty programs, to effectively analyze and mitigate security risks. The engineer will work closely with engineering teams to implement fixes based on real-world findings. This is a short-term contract with significant responsibilities and impact in the field of application security.

Key Responsibilities:

  • Triaging vulnerability reports from customers and researchers.
  • Rebuilding setups in a lab to analyze vulnerabilities.
  • Tracing attack paths through code to identify security issues.
  • Collaborating with engineering teams to provide clear routes to fixes.

Key Skills:

  • 3+ years in application security, including pentesting, bug bounty, or product security.
  • Strong knowledge of OWASP Top 10 and advanced vulnerabilities.
  • Hands-on experience with ServiceNow platform security.
  • Ability to read and trace code in JavaScript and Java.
  • Fluency in CVSS and effective communication of security findings.

Salary (Rate): £86,000 yearly

City: Dublin

Country: Ireland

Working Arrangements: hybrid

IR35 Status: inside IR35

Seniority Level: Mid-Level

Industry: IT

Detailed Description From Employer:

You're handed a vulnerability report. Is it real? How bad? What breaks if it's ignored? If those three questions get you out of bed, read on.

You'll join the application security team of a global enterprise SaaS leader, triaging the findings their customers and the world's best researchers throw at them - rebuilding the setup in a lab, tracing the attack path through the code, and handing engineering a clean route to a fix. Real reports, real impact, no box-ticking.


What's in it for you

  • Annual Salary up to €100,000, pro rata
  • Premium 3-month contract - PAYE
  • Paid weekly, PAYE through Principle HR
  • Location: Dublin - Remote/hybrid

What you'll need

  • 3+ years in application security - pentesting, bug bounty or product security
  • Strong on the OWASP Top 10 and beyond: SSRF, IDOR, SQLi, XSS, GraphQL abuse, prototype pollution
  • Hands-on ServiceNow platform security - ACLs/roles, scoped apps, business rules, scripted REST APIs, GlideRecord/Table API
  • Able to read and trace code across JavaScript and Java
  • CVSS fluency - the reasoning, not just the number, and the knack of writing it up for a CISO and an account team alike

Short contract, serious work, and a platform you'll recognise the moment you read the skills. If you can triage with the best of them, send your CV over and let's chat.

