Senior Application Security Engineer

Senior Application Security Engineer

Poland

The Tripadvisor Group connects people to experiences worth sharing, and aims to be the world's most trusted source for travel and experiences. We leverage our brands, technology, and capabilities to connect our global audience with partners through rich content, travel guidance, and two-sided marketplaces for experiences, accommodations, restaurants, and other travel categories. The subsidiaries of Tripadvisor, Inc. (Nasdaq: TRIP), include a portfolio of travel brands and businesses, including Tripadvisor, Viator, and TheFork.

We are looking for an experienced Senior Application Security Engineer to join our growing team at Tripadvisor Experiences. In this role, you will take a lead position in securing the applications that power our platform. As a Senior Engineer, you will design and implement advanced security measures, mentor junior engineers, and play a key role in ensuring the security of our products and infrastructure. This is a fantastic opportunity to influence our security practices and help shape the future of application security within the organisation.

This role is based remotely in Poland. We hire based on a permanent contract (UoP).

What You'll Do:

• Lead the design and implementation of advanced application security measures, including encryption, secure APIs, and identity management.
• Conduct in-depth threat modelling and risk assessments to identify and mitigate potential security risks.
• Performing manual security assessments including code reviews.
• Act as a Subject Matter Expert (SME) for security breaches, including performing root cause analysis and creating corrective actions related to security vulnerabilities.
• Develop and enforce application security policies across multiple engineering teams, ensuring consistency and scalability.
• Mentor and train junior engineers, helping them improve their security knowledge and practices.
• Provide expert advice on security architecture and design for new features and systems.
• Collaborate with engineering and product teams to integrate security requirements into software development lifecycles.
• Champion security initiatives by advocating for prioritisation of security issues and resolution of technical debt.
• Stay up to date with the latest security threats and industry best practices, ensuring that the team remains proactive in its approach to security.

What You'll Need:

• Extensive experience in application security, including expertise in secure coding practices, threat modelling, vulnerability assessments, and incident response.
• Hands-on experience with security testing tools (SAST, DAST) and their integration into development pipelines.
• Strong understanding of advanced security concepts such as encryption, secure software design, identity management, and API security.
• Experience with cloud security (AWS, Azure, etc.) and securing microservices architectures.
• Proven leadership skills, with the ability to guide and mentor other engineers and influence security practices across teams.
• Excellent communication and collaboration skills, with a track record of working closely with cross-functional teams to improve security posture.
• 4+ years experience working as a Security Engineer / Application Security Analyst

Preferred Qualifications:

• Experience with regulatory frameworks (e.g., GDPR, PCI-DSS, SOC 2) and their integration into security processes.
• Industry-recognised security certifications (e.g., OSCP, OSCE, or similar).
• Familiarity with the latest security tools and frameworks to proactively identify vulnerabilities and mitigate threats.
• A passion for mentoring and developing others, with a commitment to continuous learning and improvement.

What We Offer:

• Competitive compensation packages (routinely benchmarked against the latest industry data), including base salary and annual bonuses
• "Work your way" with flexibility to suit your lifestyle. Tripadvisor Group takes a remote-friendly approach to collaboration across a worldwide team, with the option to join on-site as often as you'd like or as required by your team.
• Flexible schedule. Work-life balance is ingrained in our culture by design. Trust and accountability make it work.
• Donation matching. Give back? Give more! We match qualifying charitable donations annually.
• Tuition assistance. Want to level up your career? We love to hear it! Receive annual support for qualified programs.
• Lifestyle benefit. An annual benefit to spend on yourself. Use it on travel, wellness, or whatever suits you.
• Travel perks. We believe that travel is employee development, so we provide discounts and more.
• Employee assistance program. We're here for you with resources and programs to help you through life's challenges.
• Health benefits. We offer great coverage and competitive premiums.
• Generous referral scheme. Help us grow and be rewarded with generous awards for referring successful candidates.

Our Cultural Pillars:

Traveler First

We exist to create value for our customer, the traveler. We enable our suppliers and partners to unlock this value. Their collective behaviors and insights are what drives us.

Execution Is Our Edge

We act fast, experiment, learn from failure, iterate, and improve the solutions of tomorrow across every aspect of our business. Our execution is agile, data-driven, prioritised, and built to scale. We assume no problem is someone else's problem and finish what can be done today, knowing tomorrow will bring fresh challenges.

We Succeed Together

The best outcomes are driven by empathic, humble, and diverse subject matter experts working toward shared goals. We collaborate relentlessly, challenge assumptions, give actionable feedback, and set each other up for success through empowered teams with a clear charter. We transparently take ownership of our growth, individually and as a team. We celebrate the quality of our effort, our learnings, and our collective achievements.