Job Title: Application Security Analyst

Location: Remote (Full-Time)
Industry: Fintech / Cybersecurity
Department: Information Security
Company: Quadcode

About Quadcode

Quadcode is a global fintech company delivering innovative financial products and brokerage solutions. Our flagship internal trading platform is offered as a SaaS product to brokers worldwide. With over 700 professionals across seven countries, our mission is to redefine secure, efficient, and scalable fintech infrastructure.

We are seeking an experienced Application Security Analyst to join our Security Team. This role is vital in safeguarding our digital platforms and ensuring secure development practices across all software products.

What You’ll Do

• Work closely with development teams to integrate security best practices in the SDLC (Shift-Left Approach).

• Conduct security design reviews and final assessments before deploying new or existing services.

• Manage and maintain SAST, SCA, and Secret Scanning tools within CI/CD pipelines.

• Design and update the application security architecture blueprint.

• Define security policies and requirements for digital products.

• Perform penetration testing to identify and mitigate risks in real-world attack scenarios.

• Handle the Bug Bounty Program, evaluate external security reports, and oversee patching.

• Run security awareness programs for developers on common vulnerabilities and secure coding.

• Support R&D and maintain tools/services for SDLC security.

• Conduct Security Risk Assessments and Threat Modeling for applications.

What We’re Looking For

• 3+ years of experience in Application Security or AppSec-focused roles.

• Strong background in secure coding, software development lifecycles, and security best practices.

• Deep knowledge of OWASP Top 10, common vulnerabilities, and mitigation techniques.

• Proficiency in Python or Go (2+ years).

• Hands-on experience with tools like SAST, SCA, DAST, Burp Suite, ZAP, or similar.

• Ability to work collaboratively in Agile/Scrum environments.

• Strong communication, documentation, and risk assessment skills.

• Fluent in Russian (C1) and comfortable with English at B1+ level (for international team communication).

Bonus Points For

• Certifications like OSCP, OSWE, CCSP, or similar.

• Experience with Bug Bounty programs, CTFs, and compliance frameworks such as PCI-DSS, GDPR.

• Knowledge of OWASP guides: Testing Guide, Code Review Guide, Secure Coding Practices.

• Familiarity with network vulnerability scanners like Nessus, MaxPatrol, or XSpider.

Why Join Quadcode?

• Fully remote role with competitive compensation.

• 20 paid days off annually.

• Flexible hours to support work-life balance.

• Opportunities for growth, training, and certification support.

• Collaborative, fast-paced team using cutting-edge technology in fintech security.

• Be part of a global company with teams across the UK, UAE, Cyprus, Australia, Gibraltar, and the Bahamas.

Application Process

All applications will be handled confidentially. Only shortlisted candidates will be contacted for interviews.