THE ROLE & THE TEAM We're looking for a Senior Application Security Engineer to join our dynamic security team. In this role, you'll be at the forefront of protecting our applications and AI solutions from evolving threats. We believe in a proactive approach to security, where potential vulnerabilities are identified and addressed early in the development process. As a key member of this team, you'll have the opportunity to shape our security strategies and make a significant impact on our products and services. INCLUSIVE BY DESIGN At Zalando, our vision is to be the leading pan-European ecosystem for fashion and lifestyle e-commerce - one that is inclusive by design. We only assess candidates based on qualifications, merit, and business needs. We welcome applications from people of all gender identities, sexual orientations, personal expressions, racial identities, ethnicities, religious beliefs, and disability statuses. We only want to know why you’re great for this role, so please avoid including your picture, age, and marital status in your CV as well. We want to provide you with a great candidate experience. Please feel free to inform us of any accommodations you may need, so we can best support and assist you throughout the hiring process. do.BETTER - our diversity & inclusion strategy: https://jobs.zalando.com/en/our-culture/diversity-and-inclusion WHAT WE’D LOVE YOU TO DO (AND LOVE DOING) Collaborate with development and operations teams to integrate security practices throughout the SDLC. Lead security reviews and conduct threat modeling for applications and AI systems to identify and help mitigate potential vulnerabilities. Provide guidance on secure coding practices and participate in code reviews to ensure compliance with security standards. Design and execute security testing specifically on GenAI systems to uncover potential security issues. Stay informed about emerging security threats and vulnerabilities in both traditional and AI systems. Promote a security-first mindset across the organization through education and practical demonstrations. WE’D LOVE TO MEET YOU IF You're proficient in at least one programming language like Python, Java, JavaScript, or Go. You have experience with DevSecOps tools and practices, including security in CI/CD pipelines. You possess knowledge of application security concepts, including OWASP Top 10 and vulnerability assessment techniques. You have experience securing cloud environments and understand cloud-native security architectures. You're familiar with microservices security concepts. You understand AI systems and the unique security challenges they present, with experience in AI security testing being a plus. You excel at analytical thinking and effectively communicate security concepts across teams, combining technical expertise with collaborative problem-solving skills. OUR OFFER Zalando provides a range of benefits, here’s an overview of what you can expect. Ask your Talent Acquisition Partner to learn more about what we offer. Employee shares program 40% off fashion and beauty products sold and shipped by Zalando, 30% off Lounge by Zalando, discounts from external partners 2 paid volunteering days a year Hybrid working model with up to 60% remote per week, actual practice is up to each team to best support their collaboration Work from abroad for up to 30 working days a year 27 days of vacation a year to start for full-time employees Relocation assistance available (subject to prior agreement) Family services, including counseling and support Health and wellbeing options (including Wellhub, formerly Gympass) Mental health support and coaching available Drive your development through our training platform and biannual peer-to-peer review