Application Security Engineer

Our Mission and Vision

At Solidgate, our mission is clear: to empower outstanding entrepreneurs to build exceptional internet companies. We exist to fuel the builders — the ones shaping the digital economy — with the financial infrastructure they deserve. To achieve that, we’re on a bold path: to become the #1 payments orchestration platform in the world.

We believe the future of payments is shaped by people who think big, take ownership, and bring curiosity and drive to everything they do. That’s exactly the kind of teammates we want on board.

We're building the #1 payment orchestrator in the world — and the names behind us prove it. Clients include Bolt, Ajax, Nova Post, MEGOGO. Trusted by giants like J.P. Morgan. Ranked #2 in the "Employer of the Year 2026" award by Forbes Ukraine.

About the Role

Solidgate builds financial infrastructure for fast-growing internet businesses worldwide. Our platform processes millions of payments daily and operates in a highly regulated fintech environment, where security is a core product requirement — not an afterthought.

Our engineering organization builds and scales a complex cloud-native platform with over 120 microservices. As the company continues to grow, we are strengthening our security organization and introducing a dedicated Application Security Engineer role.

The mission of this role is to keep our business and revenue safe by building security into the way we develop software — from early design decisions to CI/CD pipelines and live production systems.

This is a hands-on Application Security role focused on embedding security into the software development lifecycle and reducing real product risks.

You will work closely with engineering teams to:

• design secure application architectures

• improve secure coding practices

• detect vulnerabilities early in the development lifecycle

• continuously improve application security as part of everyday engineering work

You will have a direct impact on how secure software is built across a large microservices ecosystem, influencing standards, tooling, and engineering culture.

Explore our technology stack ➡️ here.

What You Will Own

As an Application Security Engineer, you will be responsible for application-level security across our fintech platform, including:

• Building and maintaining secure coding standards and supporting their adoptionl across development teams

• Conducting threat modeling during architecture and design stages

• Implementing and improving application security testing, including: SAST, DAST, Dependency and secrets scanning, CI/CD security checks

• Performing regular application security assessments and maturity evaluations (OWASP ASVS, OWASP SAMM)

• Managing the full vulnerability lifecycle: triage, prioritization, remediation support, and validation

• Supporting external penetration testing and Bug Bounty programs

• Identifying and mitigating security risks in cloud environments and CI/CD pipelines

You are a great fit if you have

• At least 2 years of experience in Application Security or Product Security

• Hands-on experience with OWASP Top 10 vulnerabilities

• Practical experience with: secure code reviews, threat modeling, SAST and DAST tools and their integration into CI/CD pipelines

• Strong understanding of web application and API security

• Ability to communicate clearly with engineers and work as a partner rather than a blocker

Nice to Have

• Experience with container security and cloud security tooling

• Familiarity with DevSecOps and shift-left security practices

• Experience automating application security processes

• Background as a software engineer or close collaboration with development teams

Why Join Solidgate?

Build security that matters. Lead initiatives that define how security is embedded into our software development lifecycle across multiple teams and products.

Your expertise counts. Enjoy real autonomy — propose, test, and implement security practices and tooling that directly improve product resilience and reduce risk.

Room to experiment. Apply modern AppSec, automation, and shift-left approaches with full support from engineering and security leadership.

Impact & visibility. See the results of your work directly in more secure products, fewer vulnerabilities, and stronger engineering practices.

Collaborative environment. Work side by side with experienced, curious engineers who treat security as a shared responsibility and value partnership over gatekeeping.

The Extras: 30+ days off, unlimited sick leave, free office meals, health coverage, and Apple gear to keep you productive. Courses, conferences, sports and wellness benefits — all designed for ideas, focus, and fun.

Tomorrow’s fintech needs your mindset. Come build it with us.

🫂 Know top talent? We’re always on the lookout. Recommend someone for our role, and if they get hired, there’s a bonus waiting for you — simple as that.