Application Security Engineer

Posted 1 day 9 hours ago by InterQuest Group

Permanent
Not Specified
Other
Noord-Holland, Netherlands
Job Description

We are seeking a highly skilled Application Security Engineer with deep expertise in API security and Large Language Model (LLM) protection to join our security team. In this role, you will be at the forefront of safeguarding our cutting-edge services, ensuring secure development practices, and defending against emerging threats-particularly in AI-driven applications.


You will design and implement robust security controls for our APIs, mitigate LLM-specific risks (such as prompt injection and resource abuse), and foster a security-first culture across engineering teams. If you're passionate about stopping API abuse, optimizing authentication mechanisms, and securing next-gen AI applications, this is the perfect opportunity to make a real impact.


Key Responsibilities:

API Security Leadership

  • Implement and enforce best practices for API security (OWASP API Top 10, JWT/OAuth 2.0, API key management).


LLM & AI Security

  • Develop strategies to detect and prevent LLM abuse (e.g., prompt injection, excessive cost exploitation).
  • Collaborate with AI/ML teams to embed security into model interactions.


Secure Development Advocacy

  • Conduct security code reviews, threat modeling, and penetration testing for critical services.
  • Train engineering teams on secure coding practices and emerging threats.
  • Drive the adoption of automated security tooling in CI/CD pipelines.


Incident Response & Threat Hunting

  • Monitor for anomalous API traffic and respond to security incidents.
  • Research emerging attack vectors targeting APIs and LLMs.


Required Skills & Experience:

API Security Expertise - Strong knowledge of OWASP API Security Top 10, REST/gRPC security, and authentication (JWT, OAuth 2.0).

Bot & Abuse Prevention - Hands-on experience with rate limiting, CAPTCHA, and behavioral bot detection.

LLM-Specific Security - Understanding of prompt injection, model evasion, and cost-based attacks.

Traffic Protection Tools - Familiarity with WAFs (Cloudflare, AWS WAF), API gateways (Kong, Apigee), and DDoS mitigation.

Coding & Scripting - Ability to review code (Python, JavaScript, Go) and automate security checks.

Collaborative Mindset - Strong communication skills to work with developers, DevOps, and AI teams.


This is a brilliant opportunity to join an organisation that is helping shape the AI landscape as we see it. The bar is high, but so is the reward as you'll be working alongside and on some of the most innovative projects available.


Salary is flexible, but the sweet spot is around the €120k mark and comes with equity options too. If you're interested in learning more then don't hesitate in applying or feel free to send your CV directly to