Senior Application Security Engineer (Spain)

Infiterra Inc.

Job Overview

Location

Spain (Remote)

Job Type

Full-time

Full Job Description

📋 Description

• Senior Application Security Engineer role focused on embedding security into the software development lifecycle (SDLC) to ensure secure-by-design practices are integrated from requirements through deployment and maintenance, directly supporting Infiterra’s mission to grow and transform the subscription economy through its subscription commerce platform.
• Day-to-day responsibilities include integrating security activities across all SDLC phases, partnering with engineering teams to apply secure development practices consistently, reviewing security controls for new features and architectural changes, conducting threat modeling using methodologies like STRIDE, performing security-focused code and architecture reviews, executing manual and automated web application security testing (including injection flaws, auth issues, access control gaps, and logic flaws), operating and improving AppSec tooling (SAST, DAST, SCA, secrets scanning, dependency scanning), integrating security checks into CI/CD pipelines, supporting incident response during vulnerability disclosures, contributing to triage and root cause analysis, and enabling engineers through training, documentation, and secure coding guidelines.
• The Engineering team is distributed across Greece with headquarters in Thessaloniki, but this role is fully remote based in Spain, working within a tech-driven, international team that values collaboration, innovation, and performance excellence in delivering subscription commerce solutions to IT distributors, MSPs, and telcos.
• In this role, you will deepen your expertise in application security, gain hands-on experience shaping security culture in a fast-growing SaaS environment, influence secure design patterns across microservices and cloud-native architectures, contribute to building measurable AppSec maturity, and develop leadership in enabling engineering teams to own security as a shared responsibility — all while working with cutting-edge tooling and practices in a flexible, supportive environment.

🎯 Requirements

• Strong understanding of secure software development principles
• Solid knowledge of common vulnerability classes (OWASP Top 10, CWE)
• Hands-on experience with application security tools (SAST, DAST, SCA, etc.) and integrating them into CI/CD pipelines
• Experience performing manual and automated web application security testing
• Ability to assess risk pragmatically and prioritize remediation in cloud-native architectures, APIs, and microservices
• Background working closely with product and engineering teams in agile SDLCs

🏖️ Benefits

• Fully remote work with work-from-anywhere scheme (travel and work)
• Flexible working hours
• Health and life insurance program
• Learning & development budget
• Tech-driven, friendly team with an international mindset

Skills & Technologies

Senior

Remote

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Infiterra Inc.

Visit Website

About Infiterra Inc.

Infiterra Inc. is a technology company focused on developing and deploying advanced solutions for the energy sector. Their core offerings revolve around leveraging artificial intelligence and machine learning to optimize oil and gas exploration, production, and reservoir management. By analyzing vast datasets, Infiterra aims to enhance recovery rates, reduce operational costs, and improve safety and environmental performance for their clients. The company provides a suite of software tools and consulting services designed to integrate seamlessly with existing energy infrastructure. Their innovative approach helps energy companies make more informed decisions, mitigate risks, and maximize the value of their subsurface assets in an increasingly complex global market.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.