Senior Application Security Engineer

<p><strong>About Tripadvisor </strong></p> <p>The Tripadvisor Group connects people to experiences worth sharing, and aims to be the world’s most trusted source for travel and experiences. We leverage our brands, technology, and capabilities to connect our global audience with partners through rich content, travel guidance, and two-sided marketplaces for experiences, accommodations, restaurants, and other travel categories. The subsidiaries of Tripadvisor, Inc. (Nasdaq: TRIP), include a portfolio of travel brands and businesses, including Tripadvisor, Viator, and TheFork.</p> <p>We are looking for an experienced <strong>Senior Application Security Engineer</strong> to join our growing team at Tripadvisor Experiences. In this role, you will take a lead position in securing the applications that power our platform. As a Senior Engineer, you will design and implement advanced security measures, mentor junior engineers, and play a key role in ensuring the security of our products and infrastructure. This is a fantastic opportunity to influence our security practices and help shape the future of application security within the organisation.</p> <p>This role is based remotely in Poland. We hire based on a permanent contract (UoP).</p> <p><strong>What You’ll Do:</strong></p> <ul> <li>Lead the design and implementation of advanced application security measures, including encryption, secure APIs, and identity management.</li> <li>Conduct in-depth threat modelling and risk assessments to identify and mitigate potential security risks.</li> <li>Performing manual security assessments including code reviews.</li> <li>Act as a Subject Matter Expert (SME)  for security breaches, including performing root cause analysis and creating corrective actions related to security vulnerabilities.</li> <li>Develop and enforce application security policies across multiple engineering teams, ensuring consistency and scalability.</li> <li>Mentor and train junior engineers, helping them improve their security knowledge and practices.</li> <li>Provide expert advice on security architecture and design for new features and systems.</li> <li>Collaborate with engineering and product teams to integrate security requirements into software development lifecycles.</li> <li>Champion security initiatives by advocating for prioritisation of security issues and resolution of technical debt.</li> <li>Stay up to date with the latest security threats and industry best practices, ensuring that the team remains proactive in its approach to security.</li> </ul> <p><strong>What You’ll Need:</strong></p> <ul> <li>Extensive experience in application security, including expertise in secure coding practices, threat modelli