Logo for Willow Health

Application Security Engineer

Role overview

Qualifications

  • Strong knowledge of web/mobile security vulnerabilities, AI security risks, and industry standards (e.g., OWASP Top 10, CWE)
  • Hands-on experience with threat modeling frameworks (e.g., STRIDE), code reviews, penetration testing, and SAST/DAST/SCA tools
  • Proficiency in scripting/programming (e.g., Python, Rust) and experience with CI/CD systems and Infrastructure as Code (e.g., Pulumi)
  • Availability for on-call shifts to guarantee 24x7 security monitoring and support

Responsibilities

  • Define security requirements and design application architectures following a secure-by-default approach
  • Conduct threat modeling, code reviews, and penetration testing on cloud-based web and mobile apps to proactively identify vulnerabilities
  • Implement, manage, and automate SAST/DAST/SCA security controls and WAF rules to enforce protection at scale
  • Partner with Product teams to ensure robust protection and foster a security-first development culture

About the company

Willow Health logo

Willow Health

Legal Services

Company details

IndustryLegal Services
Company size1 - 10

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

Are you looking for a new challenge?

Fancy helping us shape the future of motor insurance?

Prima could be the place for you. 

Since 2015, we’ve been using our love of data and tech to rethink motor insurance and bring drivers a great experience at a great price. Our story began in Italy, where we’ve quickly become the number one online motor insurance provider. In fact, we’re trusted by over 5 million drivers. And now we’re expanding to help millions more drivers in the UK and Spain.


To help fuel that growth, we need a Application Security Engineer  to join our Security Engineering Team
 
The Engineering Department is the beating heart of Prima. You’ll be joining over 350 engineers across software development, infrastructure, operations and security: fueled by curiosity, experimentation and collaboration, you’ll help deliver scalable, impactful solutions that shape the future of insurance.
 
Excited to make an impact? Here are the details

What you'll do
  • Define security requirements and design application architectures following a secure-by-default approach.

  • Conduct threat modeling, code reviews, and penetration testing on cloud-based web and mobile apps to proactively identify vulnerabilities.

  • Implement, manage, and automate SAST/DAST/SCA security controls and WAF rules to enforce protection at scale.

  • Partner with Product teams to ensure robust protection and foster a security-first development culture.

  • Participate in the investigation, management, and resolution of security alerts.

  • Collaborate on all core activities and initiatives of the Security Engineering team.


  • What we're looking for
  • Strong knowledge of web/mobile security vulnerabilities, AI security risks, and industry standards (e.g., OWASP Top 10, CWE).

  • Hands-on experience with threat modeling frameworks (e.g., STRIDE), code reviews, penetration testing, and SAST/DAST/SCA tools.

  • Proficiency in scripting/programming (e.g., Python, Rust) and experience with CI/CD systems and Infrastructure as Code (e.g., Pulumi).

  • Availability for on-call shifts to guarantee 24x7 security monitoring and support.

  • Self-motivated and proactive problem-solvers with strong English communication skills and experience in Agile environments.

  •  

    Nice-to-have
  • Practical experience with secure AWS design/implementation and Kubernetes (EKS) security.

  • Hands-on experience with WAF configurations (e.g., Cloudflare) and EDR, SIEM, or SOAR platforms.

  • Relevant industry certifications (e.g., OSCP, OSWA/E, BSCP, PWPA/E, eWPT, or similar).

  • Active involvement in security research, bug bounty programs, or CTF competitions.

  • Why you’ll love it here
     
    🤸 Work Your Way: Enjoy full flexibility – work from home, the office or a mix of both. Plus, work from anywhere for up to 30 days a year.
     
    ❗ This is a full remote position and we're considering candidates located in Italy, Spain or UK.

    🏁 Grow with us: We may move fast at Prima, but we move together. Get access to learning resources, mentorship and a growth plan tailored to you.

    🌈 Thrive and perform: Your best work begins when you feel your best. Enjoy private healthcare, gym discounts, wellbeing programs and mental health support.

    Think you’re a match? Apply now.

     

    At Prima, we celebrate uniqueness. If you don’t meet every requirement but are passionate about this role, we still want to hear from you. Innovation thrives on diverse perspectives.

    Prima is proud to be an equal opportunity employer. Need accommodations during the process? Email us at accessible.recruiting@prima.it. Let’s build the future of insurance, together.

    Apply once. Then go straight to the hiring manager.

    After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

    MR

    Marcus Rivera

    Chief Revenue Officer

    m.rivera@company.com
    linkedin.com/in/marcusrivera
    Unlocked after you apply
    ·

    Security Engineer Related jobs

    Other jobs at Willow Health

    Premium

    Reach out to the hiring manager directly.

    Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

    • Full match report with fit score and gaps
    • Career diagnostics on how recruiters read you
    • Curated company matches and warm intros
    • 48h early access to new roles

    Cancel anytime.