Full Time

Application Security Engineer - Pepperstone - Connecticut

Pepperstone

Connecticut
100K–140K a year
Posted 5 days ago

The Pepperstone story started in 2010. We know what it’s like to trade the world’s markets. Our team describes us as a place for the curious and the driven, and we like to do things a little differently; as a transformative global fintech we’re digital, nimble, connected, and united in our vision to create a better way to trade. We thrive on progress – for our clients and for ourselves. Our organisational culture is ever‑evolving, vibrant, diverse, global and results‑focused. You’ll find our 550+ team currently across 11 locations and 9 time zones.

The Role
The Application Security Engineer exists to embed security throughout the software development lifecycle at Pepperstone. You will partner with engineering and product teams to identify, assess, and remediate security vulnerabilities in our applications and APIs, ensuring that security is a first‑class citizen in every release. You will drive adoption of secure coding practices, conduct application security assessments, and help build a security‑aware engineering culture across the organisation. This position reports to the Head of Product Security, Limassol, Cyprus.

What You'll Be Doing

Perform application security assessments including threat modelling, secure code reviews, and penetration testing across web, mobile, and API surfaces.
Partner with development teams to integrate security controls into CI/CD pipelines using SAST, DAST, SCA, and secrets detection tooling.
Identify, triage, and track vulnerabilities through to remediation, working closely with engineering teams to provide actionable guidance.
Define and maintain application security standards, secure coding guidelines, and developer‑facing security documentation.
Champion security‑by‑design principles and provide hands‑on guidance during the design and architecture phases of new features and products.
Lead and support bug bounty and responsible disclosure programmes, coordinating triage and remediation of externally reported issues.
Conduct securit