Our Mission and Vision
At Solidgate, our mission is clear: to empower outstanding entrepreneurs to build exceptional internet companies. We exist to fuel the builders — the ones shaping the digital economy — with the financial infrastructure they deserve. To achieve that, we’re on a bold path: to become the #1 payments orchestration platform in the world.
We believe the future of payments is shaped by people who think big, take ownership, and bring curiosity and drive to everything they do. That’s exactly the kind of teammates we want on board.
About the Role
Solidgate builds financial infrastructure for fast-growing internet businesses worldwide. Our platform processes millions of payments daily and operates in a highly regulated fintech environment, where security is a core product requirement — not an afterthought.
Our engineering organization builds and scales a complex cloud-native platform with over 120 microservices. As the company continues to grow, we are strengthening our security organization and introducing a dedicated Application Security Engineer role.
The mission of this role is to keep our business and revenue safe by building security into the way we develop software — from early design decisions to CI/CD pipelines and live production systems.
This is a hands-on Application Security role focused on embedding security into the software development lifecycle and reducing real product risks.
You will work closely with engineering teams to:
design secure application architectures
improve secure coding practices
detect vulnerabilities early in the development lifecycle
continuously improve application security as part of everyday engineering work
You will have a direct impact on how secure software is built across a large microservices ecosystem, influencing standards, tooling, and engineering culture.
Explore our technology stack ➡️ here.
What You Will Own
As an Application Security Engineer, you will be responsible for application-level security across our fintech platform, including:
Building and maintaining secure coding standards and supporting their adoptionl across development teams
Conducting threat modeling during architecture and design stages
Implementing and improving application security testing, including: SAST, DAST, Dependency and secrets scanning, CI/CD security checks
Performing regular application security assessments and maturity evaluations (OWASP ASVS, OWASP SAMM)
Managing the full vulnerability lifecycle: triage, prioritization, remediation support, and validation
Supporting external penetration testing and Bug Bounty programs
Identifying and mitigating security risks in cloud environments and CI/CD pipelines
You are a great fit if you have
At least 2 years of experience in Application Security or Product Security
Hands-on experience with OWASP Top 10 vulnerabilities
Practical experience with: secure code reviews, threat modeling, SAST and DAST tools and their integration into CI/CD pipelines
Strong understanding of web application and API security
Ability to communicate clearly with engineers and work as a partner rather than a blocker
Nice to Have
Experience with container security and cloud security tooling
Familiarity with DevSecOps and shift-left security practices
Experience automating application security processes
Background as a software engineer or close collaboration with development teams
Why Join Solidgate?
Build security that matters. Lead initiatives that define how security is embedded into our software development lifecycle across multiple teams and products.
Your expertise counts. Enjoy real autonomy — propose, test, and implement security practices and tooling that directly improve product resilience and reduce risk.
Room to experiment. Apply modern AppSec, automation, and shift-left approaches with full support from engineering and security leadership.
Impact & visibility. See the results of your work directly in more secure products,
