Air Apps
About Air Apps
At Air Apps, we believe in thinking bigger—and moving faster. We’re a family-founded company on a mission to create the world’s first AI-powered Personal & Entrepreneurial Resource Planner (PRP), and we need your passion and ambition to help us change how people plan, work, and live. Born in Lisbon, Portugal in 2018—and now with offices in both Lisbon and San Francisco—we’ve remained self-funded while reaching over 100 million downloads worldwide. Our long-term focus drives us to challenge the status quo every day, pushing the boundaries of AI-driven solutions that truly make a difference. Here, you’ll be a creative force, shaping products that empower people across the globe. Join us on this journey to redefine resource management—and change lives along the way. The Role
As a
Security Engineer
at Air Apps, you will be responsible for
safeguarding our applications, infrastructure, and data
from threats and vulnerabilities. You will work closely with development, DevOps, and IT teams to implement
secure coding practices, vulnerability scanning, and threat modeling
to ensure our systems remain resilient against cyber threats. Your expertise will help build and maintain a
secure development lifecycle (SDLC), security monitoring frameworks, and proactive risk mitigation strategies . Responsibilities
Develop and implement
threat modeling
to identify security risks across applications and infrastructure.
Conduct
vulnerability scanning, penetration testing, and security assessments
to detect weaknesses.
Define and enforce
secure coding practices
in collaboration with development teams.
Work with DevOps to integrate
security into CI/CD pipelines
and automate security testing.
Monitor and respond to
security incidents , conducting root cause analysis and implementing preventative measures.
Ensure compliance with
security standards and regulations
(e.g., ISO 27001, GDPR, SOC 2).
Design and implement
identity and access management (IAM) policies, encryption standards, and authentication mechanisms .
Collaborate with product teams to conduct
security reviews of features, APIs, and third-party integrations .
Develop
incident response plans, security documentation, and best practices .
Stay ahead of emerging threats, vulnerabilities, and security technologies.
Requirements
Around
4+ years
of experience in
cybersecurity, application security, or security engineering .
Strong knowledge of
secure coding principles, OWASP Top 10, and threat modeling techniques .
Experience with
vulnerability scanning tools
(Nessus, Qualys, Burp Suite) and
penetration testing methodologies .
Hands-on experience with
SIEM, intrusion detection systems (IDS), and security monitoring tools .
Proficiency in
scripting and automation
(Python, Bash, PowerShell) for security tasks.
Familiarity with
cloud security
in AWS, Azure, or GCP, including IAM and workload protection.
Knowledge of
encryption protocols, network security, and API security best practices .
Experience working with
DevSecOps , integrating security into CI/CD pipelines.
Ability to analyze
security logs, detect anomalies, and mitigate potential threats .
Excellent problem-solving skills and ability to communicate security concepts to non-technical stakeholders.
What benefits are we offering?
Remote-first
approach with flexible working hours.
Apple hardware
ecosystem for work.
Annual Bonus .
Medical Insurance
(including vision & dental).
Disability insurance
- short and long-term.
401k
up to 4% contribution.
Air Stipend of $3,120/year , paid over 12 monthly installments (for home office, learning, wellness, etc.).
Air Conference 2025 in Las Vegas
– an opportunity to meet the team, collaborate, and grow together.
Diversity & Inclusion
At Air Apps, we are committed to fostering a diverse, inclusive, and equitable workplace. We enthusiastically welcome applicants from all backgrounds, experiences, and perspectives. We celebrate diversity in all its forms and believe that varied voices and experiences make us stronger. Application Disclaimer
At Air Apps, we value transparency and integrity in our hiring process. Applicants must submit their own work without any AI-generated assistance. Any use of AI in application materials, assessments, or interviews will result in disqualification.
#J-18808-Ljbffr
At Air Apps, we believe in thinking bigger—and moving faster. We’re a family-founded company on a mission to create the world’s first AI-powered Personal & Entrepreneurial Resource Planner (PRP), and we need your passion and ambition to help us change how people plan, work, and live. Born in Lisbon, Portugal in 2018—and now with offices in both Lisbon and San Francisco—we’ve remained self-funded while reaching over 100 million downloads worldwide. Our long-term focus drives us to challenge the status quo every day, pushing the boundaries of AI-driven solutions that truly make a difference. Here, you’ll be a creative force, shaping products that empower people across the globe. Join us on this journey to redefine resource management—and change lives along the way. The Role
As a
Security Engineer
at Air Apps, you will be responsible for
safeguarding our applications, infrastructure, and data
from threats and vulnerabilities. You will work closely with development, DevOps, and IT teams to implement
secure coding practices, vulnerability scanning, and threat modeling
to ensure our systems remain resilient against cyber threats. Your expertise will help build and maintain a
secure development lifecycle (SDLC), security monitoring frameworks, and proactive risk mitigation strategies . Responsibilities
Develop and implement
threat modeling
to identify security risks across applications and infrastructure.
Conduct
vulnerability scanning, penetration testing, and security assessments
to detect weaknesses.
Define and enforce
secure coding practices
in collaboration with development teams.
Work with DevOps to integrate
security into CI/CD pipelines
and automate security testing.
Monitor and respond to
security incidents , conducting root cause analysis and implementing preventative measures.
Ensure compliance with
security standards and regulations
(e.g., ISO 27001, GDPR, SOC 2).
Design and implement
identity and access management (IAM) policies, encryption standards, and authentication mechanisms .
Collaborate with product teams to conduct
security reviews of features, APIs, and third-party integrations .
Develop
incident response plans, security documentation, and best practices .
Stay ahead of emerging threats, vulnerabilities, and security technologies.
Requirements
Around
4+ years
of experience in
cybersecurity, application security, or security engineering .
Strong knowledge of
secure coding principles, OWASP Top 10, and threat modeling techniques .
Experience with
vulnerability scanning tools
(Nessus, Qualys, Burp Suite) and
penetration testing methodologies .
Hands-on experience with
SIEM, intrusion detection systems (IDS), and security monitoring tools .
Proficiency in
scripting and automation
(Python, Bash, PowerShell) for security tasks.
Familiarity with
cloud security
in AWS, Azure, or GCP, including IAM and workload protection.
Knowledge of
encryption protocols, network security, and API security best practices .
Experience working with
DevSecOps , integrating security into CI/CD pipelines.
Ability to analyze
security logs, detect anomalies, and mitigate potential threats .
Excellent problem-solving skills and ability to communicate security concepts to non-technical stakeholders.
What benefits are we offering?
Remote-first
approach with flexible working hours.
Apple hardware
ecosystem for work.
Annual Bonus .
Medical Insurance
(including vision & dental).
Disability insurance
- short and long-term.
401k
up to 4% contribution.
Air Stipend of $3,120/year , paid over 12 monthly installments (for home office, learning, wellness, etc.).
Air Conference 2025 in Las Vegas
– an opportunity to meet the team, collaborate, and grow together.
Diversity & Inclusion
At Air Apps, we are committed to fostering a diverse, inclusive, and equitable workplace. We enthusiastically welcome applicants from all backgrounds, experiences, and perspectives. We celebrate diversity in all its forms and believe that varied voices and experiences make us stronger. Application Disclaimer
At Air Apps, we value transparency and integrity in our hiring process. Applicants must submit their own work without any AI-generated assistance. Any use of AI in application materials, assessments, or interviews will result in disqualification.
#J-18808-Ljbffr