Application Security Engineer

The world's most advanced VPN, and a whole lot more. 

If you're a curious problem-solver who carves their own path, join the team behind Threat Protection Pro, the NordLynx protocol, and the fastest VPN on the planet—tools that put privacy, security, and control back in people's hands.

Your impact? Helping millions take back control of their online security, privacy, and data.

Risk Department plays a vital role in protecting the organization, ensuring resilience and security across all operations. By assessing risks, ensuring compliance, and managing security audits, this team helps build a strong and trustworthy foundation.

• Conduct security reviews of application designs, source code, and third-party libraries;
• Perform regular application vulnerability assessments using both automated tools and manual testing techniques (e.g., SAST, DAST, SCA, penetration testing);
• Collaborate with development teams to design secure architectures and implement security controls;
• Help maintain security tools, scripts, and processes to support secure development;
• Stay current with industry trends, zero-day vulnerabilities, and best practices in application security;
• Develop scripts and security automation tools to enhance application security testing processes;
• Design and deliver training for security engineering awareness & adoption;
• Actively look for internal security gaps within the product or organization overall;
• Ensure mobile/desktop applications are sufficiently tested and support internal and external audits;

• Proven experience in mobile/desktop application security assessment planning, testing, methodologies, and vulnerability reporting;
• Strong understanding of secure coding practices;
• Ability to perform manual security code audit;
• Proficiency in at least one low-level programming language (e.g. C, C++, Rust, Go).Solid understanding of networking protocols such as TCP, UDP and the HTTP protocol;
• Familiarity with debuggers (e.g. GDB, LLDB, WinDbg).Familiarity with reverse engineering tools (e.g. Ghidra, IDA).Solid understanding of memory corruption issues, buffer overflows and related vulnerability classes.
• Familiarity with common authentication and authorization protocols (OAuth, SAML, JWT, etc.).
• Ability to work with networking tools such as Wireshark and tcpdump.
• Ability to quickly assimilate new technologies and tools;
• Sense of ownership with strong problem-solving and investigation skills;
• Ability to build and maintain relationships, influence key stakeholders across the business;
• Bonus points for community contributions like public CVEs, bug bounty recognition, open-source tools, blogs, etc.

What We Offer

Innovate with industry leaders

Work alongside global experts to build world-leading cybersecurity tools, impacting millions of users around the world.

Learn & grow

Boost your skills via our extensive training programs (online and offline) & other resources. Benefit from mentorship and career-switch opportunities to grow within the company. 

Hybrid work

Enjoy the flexibility with 3 office days and working from home for the remaining 2.

Work from anywhere

Recharge with a change of scenery – choose work from any location when you feel a need to power your creativity and drive. 

Physical well-being

Fuel your active lifestyle with online workouts led by our Physical Well-Being experts. 

Mental & emotional health

Nurture your mind with free psychologist consultations, dedicated mental health events, and premium access to top-rated wellness apps like Calm, Headspace, and Mindletic.

Joyful moments – special treats

Celebrate life's big moments with special gifts from us on your birthday, anniversary, and other major events, such as weddings or the arrival of a new family member.

Company events & team-building

Experience iconic Nord Security celebrations, team-buildings, and knowledge-sharing events, nurturing bonds that fuel our success.

Workation

Embark on a legendary company getaway abroad, filled with exciting activities, live concerts, engaging workshops, and epic time together.

Kindly refer to our Privacy Notice for Recruitment Candidates for comprehensive information regarding our data handling procedures throughout recruitment processes:

We expect all candidates to provide accurate and complete information during the recruitment process. While limited use of AI tools to refine application materials is acceptable, candidates remain fully responsible for ensuring that their submissions reflect their own qualifications, skills, and experience. Any failure to do so may negatively affect participation in the recruitment process. If broader AI assistance is allowed for a particular role or stage, we'll let you know in advance.

By submitting your application, you acknowledge that it may be processed using automated tools for evaluation purposes. As part of our recruitment process, we may use an AI-based application review tool to help assess applications based on skills and experience relevant to the role. This technology is used to support - not replace - human decision-making, and every application is ultimately reviewed by a recruiter.

If you would like more information about how AI is used in this process or wish to exercise your rights under applicable data privacy laws, please contact us at  Should you prefer to opt out of the automated evaluation, please submit your application directly to