Application Security Engineer
UK London
Bumble Inc.
Bumble has changed the way people date, create meaningful relationships & network with women making the first move. Meet new people & download Bumble.
Inclusion at Bumble Inc.
Bumble Inc. is an equal opportunity employer and we strongly encourage people of all ages, colour, lesbian, gay, bisexual, transgender, queer and non-binary people, veterans, parents, people with disabilities, and neurodivergent people to apply. We're happy to make any reasonable adjustments that will help you feel more confident throughout the process, please don't hesitate to let us know how we can help.In your application, please feel free to note which pronouns you use (For example: she/her, he/him, they/them, etc).
At Bumble the security of our customers is a top priority. As an application security engineer at Bumble, you should be mission-focused on protecting our customers’ data by securing our company’s applications and products.
You will architect, build, and support the security of Bumble's applications and products, protecting millions of users’ ability to form meaningful connections. With an attacker’s mindset, you will proactively identify potential attack vectors, while applying an engineering mindset to problem-solving—crafting creative solutions that reduce friction and enhance security through context-aware and automation-driven approaches.
In this role, you will work closely with our engineering teams to identify and remediate vulnerabilities, establish security best practices, provide security consulting and review services, and automate security processes.
Bumble Inc. is the parent company of Bumble, Badoo, Fruitz and Official. The Bumble platform enables people to build healthy and equitable relationships, through kind connections. Founded by Whitney Wolfe Herd in 2014, Bumble was one of the first dating apps built with women at the center and connects people across dating (Bumble Date), friendship (Bumble BFF) and professional networking (Bumble Bizz). Badoo, which was founded in 2006, is one of the pioneers of web and mobile dating products. Fruitz, founded in 2017, encourages open and honest communication of dating intentions through playful fruit metaphors. Official is an app for couples that promotes open and honest communication between partners and was founded in 2020.
Bumble Inc. is an equal opportunity employer and we strongly encourage people of all ages, colour, lesbian, gay, bisexual, transgender, queer and non-binary people, veterans, parents, people with disabilities, and neurodivergent people to apply. We're happy to make any reasonable adjustments that will help you feel more confident throughout the process, please don't hesitate to let us know how we can help.In your application, please feel free to note which pronouns you use (For example: she/her, he/him, they/them, etc).
At Bumble the security of our customers is a top priority. As an application security engineer at Bumble, you should be mission-focused on protecting our customers’ data by securing our company’s applications and products.
You will architect, build, and support the security of Bumble's applications and products, protecting millions of users’ ability to form meaningful connections. With an attacker’s mindset, you will proactively identify potential attack vectors, while applying an engineering mindset to problem-solving—crafting creative solutions that reduce friction and enhance security through context-aware and automation-driven approaches.
In this role, you will work closely with our engineering teams to identify and remediate vulnerabilities, establish security best practices, provide security consulting and review services, and automate security processes.
Key Accountabilities:
- Design and implement security testing tools within CI/CD pipelines to detect vulnerabilities early without impacting development speed.
- Collaborate with engineering teams to embed security best practices and enforce security at every stage of the SDLC.
- Conduct risk assessments and threat modelling exercises to identify potential vulnerabilities and prioritise security measures based on impact.
- Collaborate with engineers to design secure application architectures, identify potential risks, and recommend security controls.
- Identify and prioritise vulnerabilities, driving remediation efforts and offering mitigation strategies to engineering teams.
- Train engineering teams in secure practices and promote a security-first mindset across the organisation.
- Keep up with the latest security trends, threats, and technologies, updating practices as needed to address evolving risks.
Required Experience & Skills
- +3 years of hands-on experience in application security, including vulnerability management, secure software development, and threat modelling.
- Strong foundational knowledge in software engineering, ideally with experience in coding and software development to effectively assess security within application code.
- Proven track record of integrating security practices into the software development lifecycle (SDLC), including experience with CI/CD pipeline security.
- Demonstrated expertise in identifying, analysing, and prioritising vulnerabilities, as well as working closely with engineering teams on remediation.
- Ability to effectively communicate security concepts to non-security stakeholders and collaborate with cross-functional teams to drive security initiatives.
Experience with any of the following is a big plus:
- Knowledge of mobile application security principles, frameworks, and common vulnerabilities for iOS and Android is highly desirable.
- Familiarity with AI/ML security concepts, such as data integrity in training models, adversarial attacks, and privacy issues in AI applications is highly desirable.
About You:
- Your values align strongly with the Bumble Inc. values: Growth, Kindness, Equity, Accountability, and Honesty.
- Motivation to solve problems, not to patch over quick fixes.
- Ability to communicate with empathy when communicating about application and product security to operations & engineering.
- Be a constant learner who looks to solve interesting and challenging problems.
- Humble expert with a sense of urgency.
- Skilled at taking complex topics and making them simple.
Bumble Inc. is the parent company of Bumble, Badoo, Fruitz and Official. The Bumble platform enables people to build healthy and equitable relationships, through kind connections. Founded by Whitney Wolfe Herd in 2014, Bumble was one of the first dating apps built with women at the center and connects people across dating (Bumble Date), friendship (Bumble BFF) and professional networking (Bumble Bizz). Badoo, which was founded in 2006, is one of the pioneers of web and mobile dating products. Fruitz, founded in 2017, encourages open and honest communication of dating intentions through playful fruit metaphors. Official is an app for couples that promotes open and honest communication between partners and was founded in 2020.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
3
0
0
Categories:
AppSec Jobs
Security Engineering Jobs
Tags: Android Application security Automation CI/CD iOS Privacy Product security Risk assessment SDLC Vulnerabilities Vulnerability management
Perks/benefits: Equity / stock options Startup environment
Region:
Europe
Country:
United Kingdom
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Security Analyst jobsInformation System Security Officer jobsSenior Cloud Security Engineer jobsInformation Security Manager jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsIT Security Engineer jobsCyber Security Specialist jobsSenior Penetration Tester jobsSecurity Specialist jobsSenior Information Security Analyst jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsSystems Engineer jobsSystems Administrator jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsCloud Security Architect jobsIT Security Analyst jobsPrincipal Security Engineer jobsStaff Security Engineer jobsSecurity Operations Analyst jobsCybersecurity Specialist jobs
DevSecOps jobsKubernetes jobsEncryption jobsPowerShell jobsIDS jobsSplunk jobsSaaS jobsEDR jobsSDLC jobsIPS jobsRMF jobsSQL jobsTop Secret jobsIntrusion detection jobsBash jobsCompTIA jobsThreat detection jobsITIL jobsFinance jobsOWASP jobsDoDD 8570 jobsCRISC jobsDocker jobsActive Directory jobsBanking jobs
UNIX jobsTCP/IP jobsVPN jobsGIAC jobsTerraform jobsSANS jobsClearance Required jobsIT infrastructure jobsHIPAA jobsSOX jobsSOC 2 jobsOSCP jobsCISO jobsIndustrial jobsJavaScript jobsCCSP jobsData Analytics jobsDNS jobsSOAR jobsPolygraph jobsJira jobsAnsible jobsMITRE ATT&CK jobsCyber defense jobsGCIH jobs