Senior Application Security Engineer

Come join our passionate team! Barracuda is a leading cybersecurity company providing complete protection against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed XDR service, to strengthen cyber resilience.

Hundreds of thousands of IT professionals and managed service providers worldwide trust us to protect and support them with solutions that are easy to buy, deploy, and use. 
 
We know a diverse workforce adds to our collective value and strength as an organization.  Barracuda Networks is proud to be an Equal Opportunity Employer, committed to equal employment opportunity and equitable compensation regardless of race, gender, religion, sex, sexual orientation, national origin, or disability. 
 
 
Envision yourself at Barracuda
 
As a Senior Application Security Engineer, you’ll help shape the future of our AppSec program. You’ll work effectively and efficiently in a small, high-impact team, bringing a sense of ownership and community. You’ll have the opportunity to learn quickly, provide feedback on long-term improvements, and drive strategic security initiatives across our product portfolio. 
 
Tech Stack:
TypeScript/JavaScript, Python, Ruby, Java, Go

CI/CD automation tools (SAST, SCA, Secrets Scanning, etc.)

AI security controls and LLM risk management

What you’ll be working on
Embed security across the development lifecycle, moving from pen-test/documentation-heavy to guardrail-driven programs

Facilitate lightweight, feature-level threat models and drive risk-based discussions

Perform hands-on application penetration tests and security-focused source code reviews

Drive risk rating and vulnerability management processes

Partner with product, platform, and engineering leads to drive security initiatives

Lead outcome-focused design review discussions and security trainings

Provide framework-specific remediation guidance to developers

What you bring to the role
5 - 8+ years in product-focused AppSec, with a track record of embedding security and reducing late-stage findings via automation and developer enablement

Deep practical knowledge of core security concepts (authN/Z, session management, input/output handling, logging, data protection, access controls)

Proficient in at least two programming languages (TypeScript/JavaScript, Python, Ruby, Java, Go, etc.)

Hands-on experience with application penetration testing and code reviews

Proficient in threat modeling and risk-based analysis

Strong organizational, time-management, communication, and presentation skills

 
What you’ll get from us 
A team where you can voice your opinion, make an impact, and where you and your experience are valued. Internal mobility – there are opportunities for cross training and the ability to attain your next career step within Barracuda.  
 
Equity, in the form of non-qualifying options 

High-quality health benefits 

Retirement Plan with employer match 

Career-growth opportunities 

Flexible Time Off and Paid Time Off benefits 

Volunteer opportunities 

 
#LI-remote
 
Job ID: 27-0245