Security Engineer Lisboa

Security Engineer
Lisboa
Lisboa, Lisboa, Portugal

About Air Apps

At Air Apps, we believe in thinking bigger—and moving faster. We’re a
- founded company on a mission to create the world’s first AI-powered Personal & Entrepreneurial Resource Planner (PRP), and we need your passion and ambition to help us change how people plan, work, and live. Born in Lisbon, Portugal in 2018—and now with offices in both Lisbon and San Francisco—we’ve remained
- funded while reaching over 100 million downloads worldwide.

Our
- term focus drives us to challenge the status quo every day, pushing the boundaries of AI-driven solutions that truly make a difference. Here, you’ll be a creative force, shaping products that empower people across the globe.

Join us on this journey to redefine resource management—and change lives along the way.

The Role

As a Security Engineer at Air Apps, you will be responsible for safeguarding our applications, infrastructure, and data from threats and vulnerabilities. You will work closely with development, Dev
Ops, and IT teams to implement secure coding practices, vulnerability scanning, and threat modeling to ensure our systems remain resilient against cyber threats.

Your expertise will help build and maintain a secure development lifecycle (SDLC), security monitoring frameworks, and proactive risk mitigation strategies.

Responsibilities

• Develop and implement threat modeling to identify security risks across applications and infrastructure.
• Conduct vulnerability scanning, penetration testing, and security assessments to detect weaknesses.
• Define and enforce secure coding practices in collaboration with development teams.
• Work with Dev
  Ops to integrate security into CI/CD pipelines and automate security testing.
• Monitor and respond to security incidents, conducting root cause analysis and implementing preventative measures.
• Ensure compliance with security standards and regulations (e. g. , ISO 27001, GDPR, SOC 2).
• Design and implement identity and access management (IAM) policies, encryption standards, and authentication mechanisms.
• Collaborate with product teams to conduct security reviews of features, APIs, and
  - party integrations.
• Develop incident response plans, security documentation, and best practices.
• Stay ahead of emerging threats, vulnerabilities, and security technologies.
  
  

• Around 4+ years of experience in cybersecurity, application security, or security engineering.
• Strong knowledge of secure coding principles, OWASP Top 10, and threat modeling techniques.
• Experience with vulnerability scanning tools (Nessus, Qualys, Burp Suite) and penetration testing methodologies.
• Hands-on experience with SIEM, intrusion detection systems (IDS), and security monitoring tools.
• Proficiency in scripting and automation (Python, Bash, Power
  Shell) for security tasks.
• Familiarity with cloud security in AWS, Azure, or GCP, including IAM and workload protection.
• Knowledge of encryption protocols, network security, and API security best practices.
• Experience working with Dev
  Sec
  Ops, integrating security into CI/CD pipelines.
• Ability to analyze security logs, detect anomalies, and mitigate potential threats.
• Excellent
  - solving skills and ability to communicate security concepts to
  - technical stakeholders.
  
  

• Apple hardware ecosystem for work.
• Flexible Paid Time Off (PTO) to support
  - life balance.
• Annual Bonus.
• Top-tier Health Insurance for peace of mind.
• Public Transportation Pass to support your commute needs.
• Coverflex benefits package for meal allowances,
  - being, and more.
• Air Conference - an opportunity to meet the team, collaborate, and grow together.