Key skills
PythonGCPTerraformKubernetesDockerGitHub ActionsGKEGitHubSDLCCI/CDPenetration Testing
About this role
Wiset is seeking a hands-on Senior Application Security Engineer for a high-growth fintech client. The role focuses on embedding security into the SDLC, managing vulnerabilities, and enhancing DevSecOps practices within a cloud-native environment.
Responsibilities:
- Secure CI/CD pipelines with GitHub Actions (SAST, SCA, IaC scanning, secret detection)
- Vulnerability management program — triage, prioritization, remediation tracking
- Security architecture reviews and threat modeling for new features
- Coordination of internal and external penetration testing engagements
- SOC 2 and PCI DSS compliance controls and evidence gathering
Requirements:
- Proven experience in Application or Product Security
- Hands-on with SAST, DAST, SCA and secret scanning tools
- Strong Python skills
- GCP, Kubernetes/GKE, Docker — you know this stack
- Familiarity with DefectDojo, Checkov, Terraform
- Background in fintech or regulated environments (SOC 2, PCI DSS)