About Air Apps: Pioneering the Future of Productivity
At Air Apps, we're not just building software; we're crafting the future. As a family-founded company, we've dared to think bigger and move faster, driven by a mission to create the world's first AI-powered Personal & Entrepreneurial Resource Planner (PRP). Imagine a platform that fundamentally changes how people plan, work, and live – that's our vision, and we need your ambition to make it a reality.
Born in the vibrant city of Lisbon, Portugal, in 2018, and now with strategic offices in both Lisbon and San Francisco, our journey has been fueled by innovation and relentless execution. We've achieved over 100 million downloads worldwide while proudly remaining self-funded. Our long-term focus empowers us to challenge the status quo daily, pushing the boundaries of AI-driven solutions that truly make a difference in millions of lives.
Here, you won't just be an engineer; you'll be a creative force, shaping products that empower people across the globe. Join us, and redefine resource management while changing lives along the way.
The Mission: Security Engineer
Are you a proactive cybersecurity expert ready to build and fortify the defenses of a groundbreaking AI platform? As our Security Engineer at Air Apps, you will be a critical guardian, responsible for safeguarding our innovative applications, robust infrastructure, and sensitive data against an ever-evolving landscape of threats and vulnerabilities.
You'll collaborate closely with our agile development, DevOps, and IT teams, embedding security at every stage. Your expertise will be vital in implementing secure coding practices, conducting advanced vulnerability scanning, and leading threat modeling initiatives to ensure our systems remain resilient and impenetrable.
This role is your opportunity to architect and maintain a state-of-the-art secure development lifecycle (SDLC), implement sophisticated security monitoring frameworks, and drive proactive risk mitigation strategies that protect our users and our mission.
This is a fully onsite position, based at our dynamic office in Lisbon, where you will thrive in close collaboration with cross-functional teams. We understand the journey, and we are open to supporting your relocation efforts to join us in this beautiful city.
Your Impact: Key Responsibilities
Lead the development and implementation of comprehensive threat modeling to proactively identify and assess security risks across our entire application and infrastructure landscape.
Conduct rigorous vulnerability scanning, penetration testing, and security assessments to uncover and address system weaknesses before they can be exploited.
Collaborate with development teams to define, enforce, and champion best-in-class secure coding practices and principles.
Partner with DevOps to seamlessly integrate robust security into CI/CD pipelines, automating security testing for continuous assurance.
Actively monitor for and expertly respond to security incidents, performing root cause analysis and implementing effective preventative measures.
Ensure stringent compliance with critical security standards and regulations, including ISO 27001, GDPR, and SOC 2.
Design and implement resilient identity and access management (IAM) policies, encryption standards, and secure authentication mechanisms.
Conduct thorough security reviews of new features, APIs, and third-party integrations in close collaboration with product teams.
Develop and refine comprehensive incident response plans, security documentation, and organizational best practices.
Stay at the forefront of cybersecurity, continuously researching and adopting new security technologies, tactics, and intelligence on emerging threats and vulnerabilities.
What You Bring: Requirements
4+ years of hands-on, impactful experience in cybersecurity, application security, or dedicated security engineering roles.
Profound knowledge of secure coding principles, the OWASP Top 10, and advanced threat modeling techniques.
Demonstrable experience with leading vulnerability scanning tools (e.g., Nessus, Qualys, Burp Suite) and practical penetration testing methodologies.
Hands-on proficiency with SIEM solutions, intrusion detection systems (IDS), and advanced security monitoring tools.
Strong proficiency in scripting and automation using languages like Python, Bash, or PowerShell for enhancing security operations.
Familiarity with robust cloud security principles across major providers (AWS, Azure, or GCP), including expertise in IAM and workload protection.
In-depth knowledge of encryption protocols, network security fundamentals, and API security best practices.
Proven experience working within a DevSecOps framework, successfully integrating security into CI/CD pipelines.
Exceptional ability to analyze complex security logs, detect anomalies, and swiftly mitigate potential threats.
Outstanding problem-solving capabilities and the skill to clearly communicate complex security concepts to both technical and non-technical stakeholders.
Unlocking Your Potential: Our Benefits & Perks
Cutting-edge Apple hardware ecosystem to power your innovation.
Generous Annual Bonus tied to individual and company performance.
Top-tier Health and Life Insurance for comprehensive peace of mind.
Dedicated Transportation Budget to support your commute.
Flexible Coverflex benefits package, including meal allowances, well-being initiatives, and more.
Support for your family with dedicated Childcare assistance.
Annual Air Conference – a unique opportunity to connect, collaborate, and grow with the entire team.
Robust Pension Fund to secure your long-term financial future.
Urban Sports Club membership to keep you active and energized.
Delicious, 100% free meals served daily at our Lisbon hub.
Diversity & Inclusion: Grow With Us
At Air Apps, we are deeply committed to fostering a diverse, inclusive, and equitable workplace where every voice is heard and valued. We enthusiastically welcome applicants from all backgrounds, experiences, and perspectives. We celebrate diversity in all its forms and firmly believe that varied voices and experiences are the bedrock of stronger teams and more innovative solutions.
Application Disclaimer: Your Authentic Voice Matters
At Air Apps, we champion transparency and integrity throughout our hiring process. We require applicants to submit their own original work without any AI-generated assistance. Any use of AI in application materials, assessments, or interviews will result in immediate disqualification.