Application Security Engineer

9/15/2025

Lead the security domain at Qodo by developing a strategy for securing Qodo’s cloud and its assets. Conduct security assessments, vulnerability scanning, and secure code reviews for cloud-based applications.

Working Hours

40 hours/week

Company Size

51-200 employees

Language

English

Visa Sponsorship

No

About the Company

Qodo is the enterprise platform for AI-driven code review, designed to help engineering teams keep pace with the velocity of coding. As AI accelerates development, Qodo ensures quality scales alongside it. Our multi-agent platform integrates deep codebase understanding, automated rule enforcement, and agentic review intelligence to deliver context-aware code reviews across the SDLC. Its agents handle PR review, in-IDE feedback, and background remediation to ensure issues are caught early, fixes are validated, and standards are consistently enforced.

About the Role

At Qodo, we're building an AI Code Review platform that helps developers move fast, ship with confidence, and elevate code quality across the SDLC through deep, scalable codebase understanding.

We're seeking an Application Security Engineer to join our team. This role is ideal for someone who can collaborate closely with developers, provide practical security guidance, and also dive deep into our codebase and cloud infrastructure to ensure our product is secure by design. This is a hands-on role with strong influence across engineering.

Responsibilities

  • Shape and execute Qodo’s approach to application and cloud security, focusing on practical, developer-first solutions rather than high-level governance.
  • Partner with engineering teams to embed secure-by-default practices into the SDLC, including secure code reviews, threat modeling, SAST/DAST usage, and GenAI guardrail implementations.
  • Perform hands-on security work: reviewing code, improving cloud configurations, hardening services, and implementing security tools and automation.
  • Collaborate with DevOps to integrate security controls into CI/CD pipelines, containerized environments, and infrastructure-as-code.
  • Conduct security assessments, analyze vulnerabilities, and provide actionable remediation to developers.
  • Develop and maintain internal security standards and playbooks; support incident response when needed.

Requirements

  • 4+ years of experience in application security engineering, with a strong focus on both cloud security and secure software development.
  • Hands-on experience guiding developers through secure coding, threat modeling, and remediation discussions.
  • Experience with application security tooling (SAST, DAST, SCA, runtime monitoring) and cloud-native security practices.
  • Knowledge of CI/CD, container security, and DevSecOps principles.
  • Ability to read and understand code in at least one modern programming language.

Advantages

  • Security certifications (e.g., AWS Security Specialty, CISSP).
  • Experience with IaC tools, scripting, or programming (Terraform, Python, Bash, etc.).
  • Familiarity with network security fundamentals.
  • Experience using or evaluating AI for security problem-solving.

Key Skills

  • Application Security Engineering
  • Cloud Security Principles
  • Security Tools
  • Secure Coding Practices
  • CI/CD Pipelines
  • Container Security
  • DevSecOps Principles
  • Scripting Skills
  • Network Security Concepts
  • Problem Solving with AI