Application Security Engineer

Company Description

Nexthink is the global leader in digital employee experience management. Our products allow enterprises to create highly productive digital workplaces for their employees by delivering optimal end-user experiences. Through a unique combination of real-time analytics, automation and employee feedback, Nexthink gives IT teams the insight they need to empower people at work.

Headquartered in Switzerland with US headquarters in Boston, Nexthink also has offices in France, UK, Germany, Spain and UAE. Our growing team of Nexthinkers is proud to be making the digital work lives of nearly ten million employees across 1,000 customers more productive.

At Nexthink, we believe actions are stronger than words when it comes to diversity, inclusivity, and equity in the workplace. Nexthinkers are multinational and multilingual, and come from all walks of life. We are committed to hiring a genuinely representative workforce that can create solutions and foster innovation for the modern digital employee experience. Join us today!

Job Description

As a scale-up experiencing rapid growth, we are seeking a passionate and talented Application Security Engineer to join our Security Assurance team. In this role, you will play a crucial part in ensuring the security of our multi-tenant SaaS offering, cross-platform endpoint agent and protecting our customers' data.

What you'll do:

• As a core member of the Security Assurance team, you will have significant input in defining the direction and goals of the application security program.
• Champion secure coding practices and make security a seamless part of the development lifecycle.
• Provide expert guidance to product teams on secure design principles and architecture, helping them eliminate vulnerabilities early in the development process.
• Develop and implement static and dynamic analysis rules to detect weaknesses in our codebase, ensuring continuous security assessment.
• Educate and mentor developers on security best practices and privacy standards, fostering a security-first culture within the organization.
• Stay abreast of the latest security threats, vulnerabilities, and industry best practices to proactively address emerging risks.
• Collaborate effectively with various teams, including engineering, product management, and operations, to ensure alignment on security initiatives.

Qualifications

What you'll need:

• 7+ years of hands-on experience in application security, secure software development, and threat modeling, with a strong understanding of secure coding principles and common vulnerabilities.
• Hands-on experience with static and dynamic analysis tools and techniques.
• Strong foundational knowledge in software engineering, ideally with coding and software development experience to assess security within application code.
• Experience with threat modeling and risk assessment methodologies
• Knowledge of web security principles, frameworks, and common vulnerabilities.
• Excellent communication and collaboration skills, with the ability to effectively convey security concepts to both technical and non-technical audiences.
• You communicate with empathy, especially when discussing application and product security with cross-functional teams.
• You are motivated by solving complex problems, not just quick fixes.
• A constant learner, you thrive on tackling interesting and challenging problems.
• You are a humble expert with a sense of urgency and a focus on results.
• A passion for security and a desire to contribute to a secure and innovative digital workplace.
• Fluent in English, both written and spoken.

Bonus points:

• Experience with cloud security best practices, particularly in AWS.  
• Familiarity with AI/ML security concepts, including data integrity in training models, adversarial attacks, and privacy issues in AI-driven applications.

Additional Information

We are the pioneers and trailblazers of a global IT Market Category (DEX) that is shaping the future of how the world works, giving our customers’ IT Teams total digital visibility across their enterprise. Our innovative solutions integrate real-time analytics, automation, and employee feedback across all endpoints. This enables our IT teams to solve complex technical challenges, create ever more productive workplaces, and deliver happy, satisfied employees in the digital workplace.

With over 1000 employees across 5 continents, Nexthink operates as One Team, connecting, collaborating and innovating to continuously grow. We call our employees ‘Nexthinkers’ and our commitment to diversity, inclusion, and equity is second to none. We currently have over 75 nationalities working with us, from all cultures and backgrounds, speaking many different languages.

If you are looking for a change and like a nice atmosphere, lots of challenges, and having fun while working, this is a great opportunity for you! Check what we offer:

• 💼 Permanent Contract and a competitive compensation package (Stock Options also included).
• 📍 Amazing centrally located offices near the Bernabeu Stadium.
• 🩺 Private Health Insurance (Sanitas) and daily meal vouchers of 11 EUR will be entirely covered by us.
• 🏡 Hybrid work model balancing office and remote work, with a structured approach for new hires to foster connections and onboarding.
•  🏖️ Flexible Hours and unlimited vacation (employees have unlimited paid time off on top of the 23 days of holidays we offer) plus 3 company-paid volunteer days.
• 🤸 Up to 25 EUR per month for a gym subscription.
• 🛴 Flexible retribution plan for kindergarten & transport tickets. 
• 🧑‍🏫 Reimbursement of up to 50% of the cost of English & Spanish classes.
• 🍉 Fresh fruit, cookies, and occasionally some soft drinks as well. 
• 🍕 Regular company and team events like Pizza talks, Team Building activities, Christmas parties, hosting Meetups at the office and more!
• 📣  Bonuses for referring successful hires after three months of continuous employment.
• 🚚 We offer a relocation package to people who are coming from another country.

Please note that not all the benefits listed above are available for temporary, contract, and internship roles. To ensure you have the most up-to-date information, we recommend checking with your Recruitment Partner.