Portugal - Senior Application Security Engineer (Viator)

Viator, a Tripadvisor company, is the leading marketplace for travel experiences. We believe that making memories is what travel is all about. And with 300,000+ travel experiences to explore—everything from simple tours to extreme adventures (and all the niche, interesting stuff in between)—making memories that will last a lifetime has never been easier. With industry-leading flexibility and last-minute availability, it's never too late to make any day extraordinary. Viator. One app, 300,000+ travel experiences you’ll remember.

We are looking for an experienced Senior Application Security Engineer to join our growing team at Viator. In this role, you will take a lead position in securing the applications that power our platform. As a Senior Engineer, you will design and implement advanced security measures, mentor junior engineers, and play a key role in ensuring the security of our products and infrastructure. This is a fantastic opportunity to influence our security practices and help shape the future of application security within the organisation.

Viator is a remote-first company. This role is based remotely in Poland / Portugal.

What You’ll Do:

• Lead the design and implementation of advanced application security measures, including encryption, secure APIs, and identity management.
• Conduct in-depth threat modelling and risk assessments to identify and mitigate potential security risks.
• Performing manual security assessments including code reviews.
• Act as a Subject Matter Expert (SME)  for security breaches, including performing root cause analysis and creating corrective actions related to security vulnerabilities.
• Develop and enforce application security policies across multiple engineering teams, ensuring consistency and scalability.
• Mentor and train junior engineers, helping them improve their security knowledge and practices.
• Provide expert advice on security architecture and design for new features and systems.
• Collaborate with engineering and product teams to integrate security requirements into software development lifecycles.
• Champion security initiatives by advocating for prioritisation of security issues and resolution of technical debt.
• Stay up to date with the latest security threats and industry best practices, ensuring that the team remains proactive in its approach to security.

What You’ll Need:

• Extensive experience in application security, including expertise in secure coding practices, threat modelling, vulnerability assessments, and incident response.
• Hands-on experience with security testing tools (SAST, DAST) and their integration into development pipelines.
• Strong understanding of advanced security concepts such as encryption, secure software design, identity management, and API security.
• Experience with cloud security (AWS, Azure, etc.) and securing microservices architectures.
• Proven leadership skills, with the ability to guide and mentor other engineers and influence security practices across teams.
• Excellent communication and collaboration skills, with a track record of working closely with cross-functional teams to improve security posture.
• 4+ years experience working as a Security Engineer / Application Security Analyst

Preferred Qualifications:

• Experience with regulatory frameworks (e.g., GDPR, PCI-DSS, SOC 2) and their integration into security processes.
• Industry-recognised security certifications (e.g., OSCP, OSCE, or similar).
• Familiarity with the latest security tools and frameworks to proactively identify vulnerabilities and mitigate threats.
• A passion for mentoring and developing others, with a commitment to continuous learning and improvement.

Perks of Working at Viator

• Competitive compensation packages, including base salary, annual bonus, and equity.
• “Work your way” with flexibility to suit your lifestyle. We take a remote-friendly approach to collaboration, with the option to join on-site as often as you’d like in select locations. 
• Flexible schedule. Work-life balance is ingrained in our culture by design. Trust and accountability make it work.
• Donation matching. Give back? Give more! We match qualifying charitable donations annually.
• Tuition assistance. Want to level up your career? We love to hear it! Receive annual support for qualified programs.
• Lifestyle benefit. An annual benefit to spend on yourself. Use it on travel, wellness, or whatever suits you.
• Travel perks. We believe that travel is employee development, so we provide discounts and more.
• Employee assistance program. We’re here for you with resources and programs to help you through life’s challenges.
• Health benefits. We offer great coverage and competitive premiums

Our Values

We aspire to lead; We’re relentlessly curious;... want to know more? Read up on our values: 

• We aspire to lead. Tap into your talent, ambition, and knowledge to bring us – and you – to new heights.
• We’re relentlessly curious. We push beyond the usual, the known, the “that’s just how it’s done.”
• We’re better together. We learn from, accept, respect, support, and value one another– and are creating something remarkable in the process.
• We serve our customers, always. We listen, question, respond, and strive for wow moments. 
• We strive for better, not perfect. We won’t get it right the first time – or every time. We’ll provide a safe environment in which to make mistakes, iterate, improve, and grow.
• Our workplace is for everyone, as is our people powered platform. At Tripadvisor, we want you to bring your unique identities, abilities, and experiences, so we can collectively revolutionize travel and together find the good out there.