Senior Security Engineer – Application

🕒 April 13

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Preply

WebsiteLinkedInAll Job Openings

501 - 1000 employees

Founded 2012

📚 Education

🏪 Marketplace

👥 B2C

Education • Marketplace • B2C

Preply is an online education marketplace that connects learners with professional tutors for live, personalized 1-on-1 lessons across languages and other subjects. The platform offers thousands of vetted tutors, user reviews, mobile apps, and tools for scheduling and secure payments, plus plans for individuals and corporate language training. Preply focuses on tailored learning paths, flexible scheduling, and progress tracking to help students improve conversational and exam skills.

📋 Description

• Own application and product security, partnering closely with engineering teams to improve security outcomes across the full SDLC • Act as a strong technical voice in how we design, build, ship, and operate secure systems, driving initiatives end-to-end through influence, collaboration, and hands-on execution • Work hands-on with our core backend stack (Python, Django), reading and writing code, contributing improvements, and building automation to scale security with product engineering teams to embed security into planning, design, and delivery, without slowing teams down • Participate in architecture discussions and design reviews to identify risk early and propose pragmatic mitigations • Lead and facilitate threat modeling for new features and significant changes, and translate results into prioritized engineering work • Improve the secure SDLC end-to-end: requirements, secure design, implementation guidance, testing, release, and operational readiness • Build “paved paths” and guardrails that make secure choices the default (libraries, patterns, templates, CI checks) • Mature code and application security tooling, including selection, rollout, and adoption: SAST, SCA (We now use Snyk), secret scanning, and relevant DAST/API testing where it adds signal • Integrate findings into developer workflows with clear ownership, SLAs, and low-friction remediation • Proactively discover security issues through code review support, automation, security testing, and targeted assessments • Improve vulnerability management for application and product security findings: triage, prioritization, remediation, verification, and trend reporting • Create and deliver training and enablement for engineers (secure coding, common pitfalls, new patterns), and help grow security champions across teams • Partner with GRC to ensure security requirements and controls are feasible, well understood, and evidenced through real engineering practice • Lead engineering wide initiatives, managing stakeholders and aligning with business to deliver high impact results

🎯 Requirements

• Strong experience in application and product security in modern web environments, with a track record of improving security outcomes across the SDLC • Strong coding ability and comfort working in a Python/Django codebase (reading, writing, reviewing, and proposing improvements) • Demonstrated experience influencing engineering teams through design reviews, threat modeling, and practical guidance • Strong understanding of common web and API security risks (OWASP Top 10, auth and session risks, SSRF, injection, access control issues, secrets exposure, unsafe deserialization, etc.) and how they show up in real systems • Experience selecting, introducing, and scaling security tooling in CI/CD (SAST, SCA, secret scanning, and related controls), including tuning to reduce noise and improve developer adoption • Ability to turn findings into action: clear severity, ownership, prioritization, and verification, with an emphasis on automation and repeatability • Strong communication skills and the ability to collaborate across Product Engineering, Platform Engineering, SRE, Data teams, and GRC • Business-oriented mindset and comfort making cost-benefit tradeoffs • Willingness to participate in on-call rotations and partner effectively with SRE during incidents

🏖️ Benefits

• A generous monthly allowance for lessons on Preply.com • Learning & Development budget and time off for your self-development • A competitive financial package with equity and leave allowance