Senior Application Security Engineer

The Tripadvisor Group connects people to experiences worth sharing, and aims to be the world’s most trusted source for travel and experiences. We leverage our brands, technology, and capabilities to connect our global audience with partners through rich content, travel guidance, and two-sided marketplaces for experiences, accommodations, restaurants, and other travel categories. The subsidiaries of Tripadvisor, Inc. (Nasdaq: TRIP), include a portfolio of travel brands and businesses, including Tripadvisor, Viator, and TheFork.

We are looking for an experienced Senior Application Security Engineer to join our growing team at Tripadvisor Experiences. In this role, you will take a lead position in securing the applications that power our platform. As a Senior Engineer, you will design and implement advanced security measures, mentor junior engineers, and play a key role in ensuring the security of our products and infrastructure. This is a fantastic opportunity to influence our security practices and help shape the future of application security within the organisation.

This role is based remotely in Poland. We hire based on a permanent contract (UoP).

• →Lead the design and implementation of advanced application security measures, including encryption, secure APIs, and identity management.
• →Conduct in-depth threat modelling and risk assessments to identify and mitigate potential security risks.
• →Performing manual security assessments including code reviews.
• →Act as a Subject Matter Expert (SME)  for security breaches, including performing root cause analysis and creating corrective actions related to security vulnerabilities.
• →Develop and enforce application security policies across multiple engineering teams, ensuring consistency and scalability.
• →Mentor and train junior engineers, helping them improve their security knowledge and practices.
• →Provide expert advice on security architecture and design for new features and systems.
• →Collaborate with engineering and product teams to integrate security requirements into software development lifecycles.
• →Champion security initiatives by advocating for prioritisation of security issues and resolution of technical debt.
• →Stay up to date with the latest security threats and industry best practices, ensuring that the team remains proactive in its approach to security.

• Extensive experience in application security, including expertise in secure coding practices, threat modelling, vulnerability assessments, and incident response.
• Hands-on experience with security testing tools (SAST, DAST) and their integration into development pipelines.
• Strong understanding of advanced security concepts such as encryption, secure software design, identity management, and API security.
• Experience with cloud security (AWS, Azure, etc.) and securing microservices architectures.
• Proven leadership skills, with the ability to guide and mentor other engineers and influence security practices across teams.
• Excellent communication and collaboration skills, with a track record of working closely with cross-functional teams to improve security posture.
• 4+ years experience working as a Security Engineer / Application Security Analyst

• Experience with regulatory frameworks (e.g., GDPR, PCI-DSS, SOC 2) and their integration into security processes.
• Industry-recognised security certifications (e.g., OSCP, OSCE, or similar).
• Familiarity with the latest security tools and frameworks to proactively identify vulnerabilities and mitigate threats.
• A passion for mentoring and developing others, with a commitment to continuous learning and improvement.

We exist to create value for our customer, the traveler. We enable our suppliers and partners to unlock this value. Their collective behaviors and insights are what drives us. 

We act fast, experiment, learn from failure, iterate, and improve the solutions of tomorrow across every aspect of our business. Our execution is agile, data-driven, prioritised, and built to scale. We assume no problem is someone else’s problem and finish what can be done today, knowing tomorrow will bring fresh challenges. 

The best outcomes are driven by empathic, humble, and diverse subject matter experts working toward shared goals. We collaborate relentlessly, challenge assumptions, give actionable feedback, and set each other up for success through empowered teams with a clear charter. We transparently take ownership of our growth, individually and as a team. We celebrate the quality of our effort, our learnings, and our collective achievements.

We strive to create an accessible and inclusive experience for all candidates. If you need a reasonable accommodation during the application or the recruiting process, please make sure to reach out to your individual recruiter or our team at AccessibleRecruiting@tripadvisor.com.

If you have any additional questions about careers at Tripadvisor you can email us at recruitment@tripadvisor.com. We have all the answers!