Application Security Analyst (Code Review) - Remote Work

At BairesDev, we've been leading the way in technology projects for over 15 years. We deliver cutting-edge solutions to giants like Google and the most innovative startups in Silicon Valley.

Our diverse 4,000+ team, composed of the world's Top 1% of tech talent, works remotely on roles that drive significant impact worldwide.

When you apply for this position, you're taking the first step in a process that goes beyond the ordinary. We aim to align your passions and skills with our vacancies, setting you on a path to exceptional career development and success.

Application Security Analyst (Code Review) at BairesDev

In this role, you read code for a living. Your strength is following data flow through real code across languages like Java, C#, Go, or Python, tracing vulnerabilities from source to sink and producing audit-traceable documentation that stands up to scrutiny in a regulated environment. Whether your background is manual secure code review, developer-to-AppSec, or evidence-based finding disposition, what matters is that you work in the code itself, not around it. This is your opportunity to do precise, high-accountability security analysis where your findings directly inform risk decisions in a compliance-driven environment.

What You'll Do:

- Perform manual secure code review across multiple languages, tracing data flow from source to sink.

- Triage and disposition SAST findings with evidence-based documentation.

- Produce audit-traceable records of true and false positive determinations.

- Collaborate with development teams to validate and remediate confirmed vulnerabilities.

- Support compliance and audit requirements through rigorous finding documentation.

What we are looking for:

- 5+ years of experience in application security, secure code review, or software development with a security focus.

- Strong ability to read and analyze code in languages such as Java, C#, Go, or Python.

- Experience with source-to-sink data flow analysis and manual secure code review.

- Hands-on experience with SAST tools such as Checkmarx, Fortify, Veracode, or Coverity.

- Experience producing audit-traceable documentation in regulated or compliance-driven environments.

- Advanced proficiency in English.

How we do make your work (and your life) easier:

- 100% remote work (from anywhere).

- Excellent compensation in USD or your local currency if preferred

- Hardware and software setup for you to work from home.

- Flexible hours: create your own schedule.

- Paid parental leaves, vacations, and holidays.

- Innovative and multicultural work environment: collaborate and learn from the global Top 1% of talent.

- Supportive environment with mentorship, promotions, skill development, and diverse growth opportunities.

Apply now and become part of a global team where your unique talents can truly thrive!