Senior Security Engineer (Remote, Full-Time) [AS219] PK
About Smart Working At Smart Working, we believe your job should not only look right on paper but also feel right every day. This isn’t just another remote opportunity - it’s about finding where you truly belong, no matter where you are. From day one, you’re welcomed into a genuine community that values your growth and well-being. Our mission is simple: to break down geographic barriers and connect skilled professionals with outstanding global teams and products for full-time, long-term roles. We help you discover meaningful work with teams that invest in your success, where you’re empowered to grow personally and professionally. Join one of the highest-rated workplaces on Glassdoor and experience what it means to thrive in a truly remote-first world.
About the Role
As a Senior Security Engineer, you will play a critical role in designing and implementing security controls across mobile applications, backend services, and web platforms. You will help ensure that systems are secure by design, protecting both customer data and platform integrity while meeting strict internal security standards and regulatory requirements. Working closely with engineering teams, you will contribute to embedding security practices across the development lifecycle, from secure coding and threat modelling to DevSecOps and infrastructure security. You will help identify vulnerabilities, assess risk, and implement proactive security measures that strengthen the organisation’s overall security posture. This role is ideal for a security engineer who enjoys working at the intersection of application security, secure architecture, and engineering enablement, helping development teams build resilient and compliant systems. n
Responsibilities
Design and implement security controls for mobile applications, backend services, and web platforms Conduct threat modelling and risk assessments for new and existing systems Embed secure coding practices across engineering teams, aligned with OWASP standards Partner with engineers to ensure security is integrated throughout the software development lifecycle (SDLC) Identify and remediate application vulnerabilities and security risks Contribute to the implementation and improvement of DevSecOps practices Provide guidance on secure architecture and secure software design Support the development and enforcement of security policies, controls, and engineering standards Improve the organisation’s application security posture through proactive security reviews and testing Work with teams to ensure systems meet internal security standards and external regulatory requirements Provide security expertise for infrastructure components including containers and cloud-native environments Contribute to incident response and vulnerability management processes Requirements 6+ years of experience in security engineering or application security 3+ years of experience in Application Security (AppSec) 3+ years of experience conducting threat modelling and risk assessments 3+ years of experience applying secure coding principles aligned with OWASP standards Strong understanding of application security vulnerabilities and mitigation strategies Proven experience collaborating with engineering teams to build secure-by-design applications 2–3 years of experience implementing DevSecOps practices 2–3 years of experience securing containerised environments such as Docker or Kubernetes 2+ years of experience applying cryptography and encryption techniques in application security
Nice to Have
Experience working within a bank, fintech company, or other regulated environment Familiarity with financial services security standards and regulatory frameworks Experience securing mobile applications and modern web platforms n Apply To This Job