Senior Application Security Engineer
Req ID: 26-488
Come join our passionate team! Barracuda is a leading cybersecurity company providing complete protection against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed XDR service, to strengthen cyber resilience. Hundreds of thousands of IT professionals and managed service providers worldwide trust us to protect and support them with solutions that are easy to buy, deploy, and use.
We know a diverse workforce adds to our collective value and strength as an organization. Barracuda Networks is proud to be an Equal Opportunity Employer, committed to equal employment opportunity and equitable compensation regardless of race, gender, religion, sex, sexual orientation, national origin, or disability.
Envision yourself at Barracuda
As a Sr. Application Security Engineer, you’ll help shape the future of our AppSec program. You’ll work effectively and efficiently in a small, high-impact team, bringing a sense of ownership and community. You’ll have the opportunity to learn quickly, provide feedback on long-term improvements, and drive strategic security initiatives across our product portfolio.
Tech Stack:
- TypeScript/JavaScript, Python, Ruby, Java, Go
- CI/CD automation tools (SAST, SCA, Secrets Scanning, etc.)
- AI security controls and LLM risk management
What you’ll be working on
- Embed security across the development lifecycle, moving from pen-test/documentation-heavy to guardrail-driven programs
- Facilitate lightweight, feature-level threat models and drive risk-based discussions
- Perform hands-on application penetration tests and security-focused source code reviews
- Drive risk rating and vulnerability management processes
- Partner with product, platform, and engineering leads to drive security initiatives
- Lead outcome-focused design review discussions and security trainings
- Provide framework-specific remediation guidance to developers
What you bring to the role
- 5–8+ years in product-focused AppSec, with a track record of embedding security and reducing late-stage findings via automation and developer enablement
- Deep practical knowledge of core security concepts (authN/Z, session management, input/output handling, logging, data protection, access controls)
- Proficient in at least two programming languages (TypeScript/JavaScript, Python, Ruby, Java, Go, etc.)
- Hands-on experience with application penetration testing and code reviews
- Proficient in threat modeling and risk-based analysis
- Strong organizational, time-management, communication, and presentation skills
What you’ll get from us
A team where you can voice your opinion, make an impact, and where you and your experience are valued. Internal mobility – there are opportunities for cross training and the ability to attain your next career step within Barracuda.
- Equity, in the form of non-qualifying options
- High-quality health benefits
- Retirement Plan with employer match
- Career-growth opportunities
- Flexible Time Off and Paid Time Off benefits
- Volunteer opportunities