Application Security Engineer

Location: Madrid


  • Specifically guarantee compliance with LOPD, PCI DSS, GDPR, and PSD2.
  • Review bug corrections / new developments / changes for security gaps.
  • Work with Dev Teams and assess / assist in their SDLC.
  • Define security improvements and roadmap.
  • Translate security requirements into tasks (bugs/new developments…).
  • Hunt for coding gaps and security vulnerabilities in the applications.
  • Drive corrective and proactive actions to mitigate vulnerabilities detected.
  • Find gaps and security issues in android and iOS applications and help mitigate them.


  • Familiar with Microservices, APIs, etc.
  • Ability to develop solutions to moderately complex to highly complex problems.
  • Proficient at problem identification, research and resolution.
  • Deep understanding of the current landscape of security risks, attack vectors and vulnerabilities.
  • Knowledge of OWASP Top10 or SANS Top 25.
  • Experience with pentesting tools like Burp Suite Pro, OWASP Zed Attack Proxy or Metasploit.
  • Experience with web security or debugging tools (ex: capture with Fiddler, Wireshark, etc.).
  • Conducting security tests, network analysis and risk assessment of applications (web and mobile).
  • Able to perform threat modelling and derive security test schema based on security threat model.
  • Analyze vulnerabilities, penetration testing, impact analysis, risk analysis and security assessments.
  • Ability to translate abstract requirements into effective, actionable, and measurable security controls
  • Highly motivated and willing to do what it takes to get the job done.
  • Team Player

Send us your CV to

**By responding to this message and providing us with the requested information you are giving us your consent to incorporate it into the database of Openbank and the Santander Group and to process the information provided in order to be able to consider you for this and future selection processes that may be carried out, as well as, in the event that you are selected, for other services related to your professional career and with the Human Resources departments of these companies. In order to exercise your rights of access, rectification, cancellation or opposition you must write to​​​​​​​, giving "Personal Data Protection" as the subject**