(Senior) Application Security Engineer
Indexed description
About Sygnum
Sygnum is a global digital asset banking group, founded on Swiss and Singapore heritage. We empower professional and institutional investors, banks, corporates and DLT foundations to invest in digital assets with complete trust. Our team enables this through our institutional-grade security, expert personal service and portfolio of regulated digital asset banking, asset management, tokenization and B2B services.
In Switzerland, Sygnum holds a banking licence and has CMS and Major Payment Institution Licences in Singapore. The group is also regulated in the established global financial hubs of Abu Dhabi and Luxembourg.
We believe that the future has heritage. Our crypto-native team of banking, investment and digital asset technology professionals are building a trusted gateway between the traditional and digital asset economies that we call Future Finance. To learn more about how Sygnum’s mission and values are shaping this digital asset ecosystem, please visit sygnum.com and follow us on LinkedIn and X.
Our Values
A key pillar of our success are the Sygnum values that define and unite us a team. We proudly call them our SYGN values:
- S stands for the importance we hold in Seeking and seizing opportunities, and the way we take personal ownership for delivering results for our clients;
- Y represents the way we say Yes to maintaining the highest level of integrity and fairness in everything we do. Sygnumers always display confidence without attitude;
- G reminds us to always Grow and win together. We only succeed by supporting each other and challenging ourselves, and our team-mates, to reach for new heights;
- N is here for Nose for value because we are always looking to focus on what matters most to our clients, partners and team.
Sygnum has one of the most diverse teams in the industry. Diversity plays a central role in keeping our work culture open, our teams productive and energised, and our solutions at the forefront of the industry. In the spirit of our SYGN value to “grow and win together”, we fully embrace an equal opportunity mindset in the way we onboard, develop and promote our team members.
About the role
This is a hands-on technical role for someone who can operate deeply across modern application security disciplines and cloud-native environments. You will contribute to application security across our platform, covering web, mobile, APIs, backend services, and cloud infrastructure, by embedding security into engineering processes, CI/CD pipelines, and runtime environments. Your main responsibilities include:
- Integrate and improve security controls within CI/CD pipelines including SAST, DAST, SCA, and IaC scanning to strengthen DevSecOps practices
- Configure, operate, and optimise application security tooling, ensuring findings are actionable and integrated into engineering workflows
- Partner with engineering, platform, and product teams to design and implement secure-by-design architectures, perform threat modelling and promote secure development practices
- Evaluate open-source dependencies and contribute to software supply chain security initiatives
- Assess and secure AI-enabled applications and services, including AI/LLM integrations, AI supply chain risks, model security controls, and secure deployment patterns
- Review and harden Infrastructure-as-Code implementations to enable secure cloud deployment patterns and reusable guardrails
- Assess the security design of smart contracts, blockchain integrations, and third-party Web3 services
- Partner with SOC and engineering teams to improve detection, alerting, and response capabilities for application-layer threats.
Our ideal candidate
You are an experienced technical security expert who can demonstrate the following skills and experience:
- 5-7+ years of deep, hands-on experience in application security or DevSecOps in modern engineering environments
- Strong experience securing cloud-native architectures (AWS and Azure preferred)
- Deep understanding of Kubernetes security, containers, and IaC security
- Experience reviewing Infrastructure-as-Code and performing secure code reviews across backend, web, and/or mobile applications
- Practical knowledge of application security standards, e.g. OWASP Top 10 and API Top 10 in real-world systems
- Familiarity with runtime application security concepts including observability, detection engineering, and production security monitoring
- Strong understanding of API security concepts including authentication, authorisation, API gateways, and modern identity patterns
- Ability to work directly with engineers and influence design and implementation decisions
- Experience building AI agents and applying AI to automate security workflows
- Solid understanding of cryptography fundamentals and key management (KMS/HSM)
- Relevant education, certifications, or equivalent practical experience
Bonus points for:
- Experience with digital asset custody, web3, smart contract or transaction signing workflows
- Track record of owning or building an application security function
- Background in offensive security, red teaming, or bug bounty
Experience with financial services regulatory requirements (FINMA, MAS, DORA)
Our Offer
Joining Sygnum means being part of a dynamic, global team that is building a trusted gateway between the traditional and digital asset economies. Working at Sygnum, you will experience our fast-paced, exciting work environment that embraces meritocracy and collaboration and open communication. Alongside our ambitious long-term mission, we also come together for reaching important milestones and annual crypto-industry anniversaries like Bitcoin Pizza Day, and regularly celebrate together at themed company events as part of our journey to shape Future Finance.
Sygnum offers a comprehensive package of benefits for all team members. They include:
- Attractive combination of market salaries and entrepreneurial incentive scheme
- Flexible/Work at home policies
- Professional development via Mentoring and Buddy programs
- One-month fully paid sabbatical after five years of continuous employment
If you are passionate about the potential of blockchain to shape Future Finance and your profile is a good fit for this position, please send us your CV today!
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search