Application Security Engineer
Listed on 2026-03-01
-
IT/Tech
Cybersecurity, Systems Engineer, Security Manager
Overview
Flo Sports leads the way in delivering world-class digital streaming for millions of fans, families, and athletes in underserved sports. Our digital platform unites casual and dedicated spectators alike, offering thrilling live events from around the world with interactive features, real-time analytics, and powerful broadcast technology. As the essential destination for niche sports content, we deliver everything from breaking news and expert commentary to feature films, documentaries, and multi-episodic series.
We've revolutionized the global sports media industry by building a diverse team—technologists and wrestlers, creators and cheerleading experts, designers and hockey enthusiasts, communicators and motor sport fanatics, producers and sports fans—all united by our passion to serve underrepresented sports communities. We re creating the ultimate destination for our sports, and we re looking for people like you to join us!
At Flo Sports, we believe security should accelerate engineering, not slow it down. We re building an Application Security function that partners closely with our developers to ship secure code faster. This isn t about blocking deployments or creating friction—it's about enabling engineers to build with confidence.
Responsibilities- Partner with Engineering on Security:
Work directly with development teams to triage, explain, and remediate security findings - Conduct lightweight security reviews of code changes, architecture decisions, and new features
- Be a trusted resource that engineers actually want to consult—not a blocker they work around
- Integrate Security into CI/CD:
Manage and optimize our security tooling: AWS Security Hub, Git Hub security features, and Aikido - Build and maintain automated security checks in our deployment pipelines
- Reduce noise by tuning tools to surface real risks, not false positives
- Drive Vulnerability Management:
Own the vulnerability lifecycle from discovery through remediation - Prioritize findings based on actual risk to the business, not just CVSS scores
- Track metrics and report on security posture to leadership
- Build Security Knowledge Across Engineering:
Create practical secure coding guidelines that developers will actually use - Run lightweight training sessions and lunch-and-learns on common vulnerability patterns
- Document security patterns and anti-patterns specific to our stack
- Grow Our App Sec Practice:
Help establish application security processes as we scale - Contribute to security architecture decisions for new products and features
- Stay current on emerging threats and bring relevant insights to the team
Skills And Abilities
Technical Foundation
- 2+ years of experience in software engineering, Dev Ops, or security
- Solid understanding of web application security fundamentals (OWASP Top 10, common vulnerability classes)
- Hands-on experience with at least one programming language (Python, JavaScript/Node.js, Go, or similar)
- Familiarity with CI/CD pipelines and modern development workflows (Git Hub Actions, Helm, etc.)
- Understanding of secure coding practices and common vulnerability patterns
- Experience with or strong interest in security tools (SAST, DAST, SCA, or cloud security)
- Familiarity with AWS security services (Security Hub, IAM, Guard Duty) is a plus
- Knowledge of container security and Kubernetes is a plus
- Genuine curiosity about security—you enjoy understanding how things break
- Strong communication skills—you can explain security concepts to developers without being condescending
- Collaborative approach—you see yourself as a partner to engineering, not a gatekeeper
- Growth mindset—you're eager to learn and develop your App Sec expertise
Flo Sports exists to elevate the communities, athletes, and sports that have too often been overlooked. That mission starts with our own team. We believe that a diverse, inclusive workplace—one where different perspectives are sought out, heard, and valued—is essential to building a company that can truly serve the full spectrum of sports fans.
We are committed to creating a fair and equitable environment where people from all backgrounds…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).