**About The Role **

At Immutable, security is at the core of what we do. As an Application Security Engineer, you will play a pivotal role in ensuring our products are safe for everyone to use. You will focus on implementing and maintaining security controls while balancing user experience and operational efficiency.

This role is crucial in supporting our security operations and vulnerability management program. You will work closely with engineering teams to mitigate risks and improve security processes. You will report to our** **Head of Security and be a key player in safeguarding Immutable's ecosystem.

**You'll Be Empowered To **

- Operate and improve our vulnerability management program by identifying, triaging, and mitigating security risks across our platform
- Automate security controls to ensure efficient and effective detection, response, and remediation of vulnerabilities
- Conduct security assessments and application reviews, identifying weaknesses and ensuring best practices in web application security
- Collaborate with engineering teams to integrate security best practices into development lifecycles
- Support security research initiatives, including bug bounty programs and responsible disclosure processes

**We'd Love You To Bring **

- Strong knowledge of web application vulnerabilities and their exploitation methods (e.g., OWASP Top 10)
- Proficiency in one or more programming languages (e.g., Python, Golang) to automate security tasks and improve workflows
- A curious mindset and passion for security, demonstrated through self-driven learning, research, or hands-on experience in security projects
- Extensive experience in security roles, with a focus on application security, vulnerability management, or automation
- Familiarity with DevOps security principles, including Kubernetes (K8s), AWS, Terraform, and infrastructure-as-code security practices
- Experience in triaging and analyzing security vulnerabilities, such as through bug bounty programs or responsible disclosures