Prima

Application Security Engineer

Prima · ES · 1d ago
Remote mid Python
Apply now

About the role

Are you looking for a new challenge?

Fancy helping us shape the future of motor insurance?

Prima could be the place for you. 

Since 2015, we’ve been using our love of data and tech to rethink motor insurance and bring drivers a great experience at a great price. Our story began in Italy, where we’ve quickly become the number one online motor insurance provider. In fact, we’re trusted by over 5 million drivers. And now we’re expanding to help millions more drivers in the UK and Spain.


To help fuel that growth, we need a Application Security Engineer  to join our Security Engineering Team
 
The Engineering Department is the beating heart of Prima. You’ll be joining over 350 engineers across software development, infrastructure, operations and security: fueled by curiosity, experimentation and collaboration, you’ll help deliver scalable, impactful solutions that shape the future of insurance.
 
Excited to make an impact? Here are the details

What you'll do

  • Define security requirements and design application architectures following a secure-by-default approach.

  • Conduct threat modeling, code reviews, and penetration testing on cloud-based web and mobile apps to proactively identify vulnerabilities.

  • Implement, manage, and automate SAST/DAST/SCA security controls and WAF rules to enforce protection at scale.

  • Partner with Product teams to ensure robust protection and foster a security-first development culture.

  • Participate in the investigation, management, and resolution of security alerts.

  • Collaborate on all core activities and initiatives of the Security Engineering team.

  • What we're looking for

  • Strong knowledge of web/mobile security vulnerabilities, AI security risks, and industry standards (e.g., OWASP Top 10, CWE).

  • Hands-on experience with threat modeling frameworks (e.g., STRIDE), code reviews, penetration testing, and SAST/DAST/SCA tools.

  • Proficiency in scripting/programming (e.g., Python, Rust) and experience with CI/CD systems and Infrastructure as Code (e.g., Pulumi).

  • Availability for on-call shifts to guarantee 24x7 security monitoring and support.

  • Self-motivated and proactive problem-solvers with strong English communication skills and experience in Agile environments.

  •  

    Nice-to-have

  • Practical experience with secure AWS design/implementation and Kubernetes (EKS) security.

  • Hands-on experience with WAF configurations (e.g., Cloudflare) and EDR, SIEM, or SOAR platforms.

  • Relevant industry certifications (e.g., OSCP, OSWA/E, BSCP, PWPA/E, eWPT, or similar).

  • Active involvement in security research, bug bounty programs, or CTF competitions.

  • Tech stack

    Python
    Level mid
    Arrangement Remote
    Location ES
    Posted 1d ago
    .*
    findatechjob

    Tech jobs straight from company career pages. No recruiters, no middlemen, no spam.

    © 2026 findatechjob · Logos provided by Logo.dev