vivenu

Senior Security Engineer - AppSec (d/f/m)

vivenu · DE · 80d ago
Remote
Apply now

About the role

Redefine the future of live entertainment tech

Welcome to vivenu, the global leader in event ticketing tech and one of the world’s fastest-growing live entertainment tech firms. We are transforming event ticketing for global leaders like the Grammys, the Golden Globes, Stanford University and the Hockenheimring turning what was once a simple transaction into a strategic business advantage. Backed by over $65 million in funding, our platform empowers event organizers to own their brand experience, unlock deep data insights, and seamlessly integrate ticketing into their digital infrastructure.

With six offices worldwide and growing, we deliver a customizable, intuitive solution and industry-leading support that simplify even the most complex ticketing challenges – helping organizers deliver exceptional experiences and drive real growth.

Join us and build the future of live entertainment.

With over 10 million end users and usage quadrupling annually, our infrastructure now handles over 1 billion requests per month — and counting. Our API-first platform solves complex system challenges at scale — delivering performance, flexibility, and reliability for the world’s leading live entertainment brands.
 
 
This role offers a unique opportunity to build and scale a state-of-the art application security program within a complex, cutting-edge multi-cloud, multi-tenant environment. There is an opportunity to drive the entire lifecycle from red teaming and threat modeling over vulnerability management to influencing secure coding and a shift-left culture.

As a Senior Security Engineer - AppSec (d/f/m) your responsibilities will include:

  • Acting as a trusted advisor to the engineering team to improve our security posture.

  • Designing, implementing, and maintaining security controls.

  • Performing code and configuration security reviews and advocating for secure coding practices to support an overall shift-left strategy.

  • Automating security checks and guardrails (SAST, DAST, and secret scanning) into CI/CD pipelines, promoting a true "security-as-code" methodology.

  • Partnering on vulnerability triage and driving remediation.

  • Performing and coordinating security tests and threat modeling around our product and the related infrastructure.

  • Translating security requirements into enforceable technical controls by automating evidence collection and configuring platform settings.

  • What you will need to succeed in this role:

  • 5+ years as a Security Engineer (or equivalent).

  • Experience within a high-growth SaaS, E-commerce, or Fintech environment.

  • Experience with both API and web security, potential attack vectors, and how to advocate for and implement scalable best practices.

  • Expertise in cloud technologies (AWS, GCP, or Azure).
  • Experience with diving deep into the business logic of a SaaS application to determine and verify attack vectors.

  • A proven track record of driving security initiatives with a strong sense of ownership.

  • Experience with at least one programming language for scripting, security tooling development, preferably with automating GRC evidence collection.

  • Preferred: Experience in Terraform for securing infrastructure would be plus, combined with hands-on experience in integrating security testing.
  • Preferred: Experience in a modern application tech stack including GCP, Golang, and TypeScript.

  • Preferred: Experience with PCI DSS script security.

  • Preferred: Experience in executing Red or Purple Team operations and advanced penetration testing, and the ability to effectively collaborate with development teams to drive the remediation of software vulnerabilities.

  • Bachelor's or Master’s degree in Computer Science, Information Technology, Cybersecurity, or a closely related technical field.

  • Arrangement Remote
    Location DE
    Posted 80d ago
    .*
    findatechjob

    Tech jobs straight from company career pages. No recruiters, no middlemen, no spam.

    © 2026 findatechjob · Logos provided by Logo.dev