Senior Application Security Engineer

AppsFlyer's Security team is looking for a highly skilled and security-savvy Application Security Engineer to lead our product and application security efforts. In this role, you will drive security design, ensure secure coding practices, and validate our services and environments against the highest security standards.

You will work closely with our R&D and Product teams to identify, mitigate, and prevent security risks throughout the software development lifecycle (SDLC). As a senior engineer, you will own security initiatives, mentor developers on security best practices, and play a key role in shaping the security posture of AppsFlyer's products.

The ideal candidate is highly motivated, eager to learn, and has a "security by design" mindset. This role provides career growth opportunities, enabling you to deepen your expertise in AppSec, DevSecOps, and cloud security.

What you'll do:

Partner with development and product teams to integrate security best practices into the SDLC

Lead threat modeling and architecture security reviews to proactively identify and mitigate risks

Conduct security assessments, including code reviews, vulnerability scans, penetration testing, and secure product design reviews

Stay up to date with emerging security threats, vulnerabilities, and industry trends, ensuring AppsFlyer remains ahead of evolving risks.

Support and contribute to security incident response activities, including root cause analysis and post-incident improvements

Automate security processes and integrate security tools within CI/CD pipelines

Develop and deliver secure coding training to engineering teams

What you have:

4+ years of experience in Application Security, Penetration Testing, or Product Security in a SaaS company

Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience)

Deep understanding and hands-on experience of web application security, including OWASP Top 10, authentication, encryption, and secure coding principles

Proficiency in scripting or programming languages (Python, JavaScript, Go, etc.) for security automation

Experience with cloud security best practices (AWS, GCP, or Azure)

Hands-on experience with DevSecOps and integrating security tools into CI/CD pipelines

Strong communication skills, with the ability to explain security risks and recommendations to technical and non-technical stakeholders, including executive management

Experience working with large-scale, complex R&D environments

Bonus Points:

Being introduced by an AppsFlyer team member

As a global company operating from 25 offices across 19 countries, we reflect the human mosaic of the diverse and multicultural world in which we live. We ensure equal opportunities for all of our employees and promote the recruitment of diverse talents to our global teams without consideration of race, gender, culture, or sexual orientation. We value and encourage curiosity, diversity, and innovation from all our employees, customers, and partners.

"As a Customer Obsessed company, we must first be Employee Obsessed. We need to make sure that we provide the team with the tools and resources they need to go All-In." Oren Kaniel, CEO