Senior Application Security Engineer

Who Are We?

We’re not just a company; we’re a global force. Fiercely committed to ensuring that everyone, everywhere, can live their lives digitally safe.  Our family of brands – Norton, Avast, LifeLock, Avira, AVG, ReputationDefender and CCleaner – unite the brightest minds, the sharpest tech and the most diverse thinking to protect over 500 million people . And we’ve built an inclusive workplace, where your well-being is a priority because true success comes from a place of balance and authenticity. When you're thriving, you’re unstoppable. So, bring us your bold ideas and passion that refuses to quit. The digital world isn’t some distant reality – it's the world we live in, and we’re ready for it. If you’re ready to push boundaries and be part of something bigger, join #TeamGen.

How We Work?

Our hybrid work style—2-3 days in the office—gives us the face-to-face time to have creative conversations, meaningful meetings, make quick decisions and build relationships. And it’s flexible enough to give you the space to do your best work.

We seek team members to work with development teams, ensuring secure coding practices are integrated throughout the software development lifecycle. You will provide security guidance to developers and stakeholders, fostering a culture of security awareness within the organization. As an Application Security Engineer, you will identify and mitigate security vulnerabilities in software applications through tool integration, code reviews, and security assessments.

Mission and Goals (About The Role) :

As a key player in our Application Security team, your mission is to ensure that our products are secure, resilient, and continuously improving. You'll work across client, web, and mobile teams to lead our  bug bounty program , engage in  security reviews and threat modeling , and shape the future of secure development within the company.

You’ll be responsible for :

Managing and driving our bug bounty program, collaborating with internal teams and external researchers to resolve issues and refine our processes.

Leading and advising on application security reviews and threat modeling.

Maintaining and improving documentation and procedures related to application security, setting the standard for review quality.

Promoting and delivering  security training  to development teams, focusing on secure coding and tool usage.

Building program-level visibility through metrics and dashboards that clearly demonstrate tool and program impact.

Effectively communicating across teams with strong influencing and negotiation skills.

Quickly analyzing complex security problems and offering clear, effective solutions.

Objectives (What You Will Do In This Role) :

Lead initiatives that strengthen our secure development lifecycle.

Act as the go-to resource for application security best practices.

Coach and support engineering teams in adopting secure coding principles.

Analyze security incidents and propose practical mitigation strategies.

Continuously improve program transparency using data-driven insights and metrics.

Competencies (What You’ll Need to be Successful in this Role) :

A builder mindset with hands-on software engineering experience – you don’t just identify security issues, you understand and fix them.

Experience with programming languages such as  C / C++ ,  Java , and scripting languages like  Python  or  Go .

Solid background in application security, secure coding practices, and familiarity with industry frameworks.

Understanding of security in  desktop, mobile, and web applications .

Proficiency with common security tools (e.g., static analysis, software composition analysis).

Ability to explain and mitigate common security flaws (e.g.,  OWASP Top 10 ,  CWE ).

Data-driven thinking – using metrics to guide decision-making and measure progress.

Strong critical thinking and problem-solving skills.

Ability to design simple, effective solutions to complex technical challenges.

Experience iterating and improving processes and security programs.

Written and spoken  English at B2 level or higher .

#LI-VP1

Gen is proud to be an equal-opportunity employer, committed to diversity and inclusivity. We base employment decisions on merit, experience, and business needs, without considering race, color, national origin, age, religion, sex, pregnancy, genetic information, disability, medical condition, marital status, sexual orientation, gender identity or expression, military or veteran status, or other unlawful factors. Gen prohibits discrimination based on these protected characteristics and recruits talented candidates from diverse backgrounds.

We consider individuals with arrest and conviction records and do not discriminate against employees for discussing their own pay or that of other employees or applicants. Learn more about pay transparency.

To conform to U.S. export control regulations, applicant should be eligible for any required authorizations from the U.S. Government.