Cobalt • Remote — US/Germany/UK

Senior Application Security Engineer

Job Description

Who We Are

Cobalt was founded on the belief that pentesting can be better. Our pentests start in as little as 24 hours and integrate with modern development cycles thanks to the powerful combination of a SaaS platform coupled with an exclusive community of testers known as the Cobalt Core. Accepting just 5% of applicants, the Core boasts over 400 closely vetted and highly skilled testers who jointly conduct thousands of tests each year.

Our award-winning, fully remote team is committed to helping agile businesses remediate risk quickly and innovate securely. Today, over 1,000 customers use Cobalt to run pentests on demand via Pentest as a Service, AKA PtaaS, a space which Cobalt pioneered (you could even say we wrote the book on it) and continues to lead.


This position will be accountable for establishing and maintaining the Application Security Program for our customer-facing platform that is used for PtaaS (Pentest as a Service). You’ll focus on designing, building, and deploying application security tools to protect our platform.

It involves scheduling penetration tests, the Bug Bounty program, ensuring remediation of discovered vulnerabilities, and application security collaboration with engineering teams. If you’re a creative problem solver who is aiming to go beyond your limits, and willing to take your career to the next level here in the US, then this is the right place for you.

What You'll Do

  • Perform dynamic application security testing (DAST).
  • Perform static analysis (SAST) of the micro-services and Web applications codebase.
  • Discover, prioritise, and help remediate technical risks on features, products, and infrastructure.
  • Perform threat assessment on existing and upcoming features and releases.
  • Develop and own best practices for application security, development, and deployment (CI/CD).
  • Identify and assess vulnerabilities stemming from third party dependencies.
  • Collaborate with other engineers, PMs, and designers.

You Have

  • 5+ years of professional experience in one or more of the following: Frontend: React/Redux, HTML5, CSS, JavaScript.
  • Previous experience and passion for technical leadership and mentoring teammates
  • A proactive attitude & willingness to participate in team discussions
  • Experience working with RESTful APIs
  • Experience with automation testing and continuous deployment processes
  • A solid understanding of build tools and bundlers, such as webpack
  • Good written and verbal communication in English
  • A high comfort level within a remote-first, globally distributed company

Bonus If You Have

  • Experience with SAST tools like Checkmarx, Snyk
  • Experience with Infrastructure security

Diversity at Cobalt

With over 45 nationalities already at Cobalt (and counting) we respect and celebrate diversity! We’re proudly committed to equal employment opportunities regardless of your gender, religion, age, sexual orientation, ethnicity, disability, or place of origin. We support each other and are grateful for each Cobalter's contribution to our mission — let's make security dance!

Please apply even if you don't think you meet all of the criteria above but are still interested in the job. Nobody checks every box, and we're looking for someone excited to join the team.

Why You Should Join Us

  • Grow in a passionate, rapidly expanding industry operating at the forefront of the Pentesting industry
  • Work directly with experienced senior leaders with ongoing mentorship opportunities
  • Earn competitive compensation and an attractive equity plan
  • Save for the future with a 401(k) program (US)
  • Benefit from medical, dental, vision and life insurance (US)
  • Leverage stipends for:
    • Wellness
    • Work-from-home equipment & wifi
    • Learning & development
    • Unlimited books
  • Treat yourself to paid remote lunches
  • Make the most of our flexible, generous paid time off
  • Work remotely from anywhere in the US
  • Explore the world with our travel bonus payouts at your 2, 3, and 5 year anniversary

Company benefits

Enhanced maternity leave – 16 weeks paid
Enhanced paternity leave – 16 weeks paid
Adoption leave – 16 weeks paid
Work from anywhere scheme
Unlimited annual leave
Work from home allowance
Co-working space allowance
Teambuilding days
Teambuilding holidays

The FlexScore® is the result of a rigorous 2-step verification of a company’s flexibility

First we assess the flexibility options Cobalt provides and then we anonymously survey a statistically significant proportion of their employees to make sure Cobalt is as flexible as they say they are. Our assessment is based on the six key elements of flexibility: location, hours, autonomy, benefits, role modelling and work-life balance.

We ask the hard questions so you don’t have to.

Working at Cobalt

Office locations

USA, Germany, UK

Hiring Countries

United Kingdom
United States

What employees are saying

"Part of the reason why I joined Cobalt was the flexibility – being able to work from home, take care of my dog, run errands, and also unplug after hours was important to me, and everyone at Cobalt gets it."

Anonymous Cobalt Employee

Awards & Achievements
Most flexible Saas & Dev Software companies

Industry awards 2022