Application Security Engineer
FloSports leads the way in delivering world-class digital streaming for millions of fans, families, and athletes in underserved sports. Our digital platform unites casual and dedicated spectators alike, offering thrilling live events from around the world with interactive features, real-time analytics, and powerful broadcast technology. As the essential destination for niche sports content, we deliver everything from breaking news and expert commentary to feature films, documentaries, and multi-episodic series. We've revolutionized the global sports media industry by building a diverse team—technologists and wrestlers, creators and cheerleading experts, designers and hockey enthusiasts, communicators and motorsport fanatics, producers and sports fans—all united by our passion to serve underrepresented sports communities. We're creating the ultimate destination for our sports, and we're looking for people like you to join us!
THE ROLE:
At FloSports, we believe security should accelerate engineering, not slow it down. We're building an Application Security function that partners closely with our developers to ship secure code faster. This isn't about blocking deployments or creating friction—it's about enabling engineers to build with confidence.
As an Application Security Engineer, you'll be the bridge between our Security, SRE, and Engineering teams. You'll work hands-on with developers to identify vulnerabilities, integrate security tooling into our CI/CD pipelines, and help engineers understand and fix security issues before they reach production. You'll have a real impact on how we secure our platform for millions of streaming viewers.
This role is ideal for someone early in their AppSec career who has strong technical fundamentals, genuine curiosity about security, and the communication skills to partner effectively with developers. If you've been a developer who got interested in security, or a security practitioner who loves to code, you'll fit right in.
RESPONSIBILITIES:
Partner with Engineering on Security
Work directly with development teams to triage, explain, and remediate security findings
Conduct lightweight security reviews of code changes, architecture decisions, and new features
Be a trusted resource that engineers actually want to consult—not a blocker they work around
Integrate Security into CI/CD
Manage and optimize our security tooling: AWS Security Hub, GitHub security features, and Aikido
Build and maintain automated security checks in our deployment pipelines
Reduce noise by tuning tools to surface real risks, not false positives
Drive Vulnerability Management
Own the vulnerability lifecycle from discovery through remediation
Prioritize findings based on actual risk to the business, not just CVSS scores
Track metrics and report on security posture to leadership
Build Security Knowledge Across Engineering
Create practical secure coding guidelines that developers will actually use
Run lightweight training sessions and lunch-and-learns on common vulnerability patterns
Document security patterns and anti-patterns specific to our stack
Grow Our AppSec Practice
Help establish application security processes as we scale
Contribute to security architecture decisions for new products and features
Stay current on emerging threats and bring relevant insights to the team
KNOWLEDGE, SKILLS AND ABILITIES:
Technical Foundation
2+ years of experience in software engineering, DevOps, or security
Solid understanding of web application security fundamentals (OWASP Top 10, common vulnerability classes)
Hands-on experience with at least one programming language (Python, JavaScript/Node.js, Go, or similar)
Familiarity with CI/CD pipelines and modern development workflows (GitHub Actions, Helm, etc.)
Security Knowledge
Understanding of secure coding practices and common vulnerability patterns
Experience with or strong interest in security tools (SAST, DAST, SCA, or cloud security)
Familiarity with AWS security services (Security Hub, IAM, GuardDuty) is a plus
Knowledge of container security and Kubernetes is a plus
Mindset & Communication
Genuine curiosity about security—you enjoy understanding how things break
Strong communication skills—you can explain security concepts to developers without being condescending
Collaborative approach—you see yourself as a partner to engineering, not a gatekeeper
Growth mindset—you're eager to learn and develop your AppSec expertise
OUR COMMITMENT TO DIVERSITY:
FloSports exists to elevate the communities, athletes, and sports that have too often been overlooked. That mission starts with our own team. We believe that a diverse, inclusive workplace—one where different perspectives are sought out, heard, and valued—is essential to building a company that can truly serve the full spectrum of sports fans.
We are committed to creating a fair and equitable environment where people from all backgrounds can thrive. To help mitigate bias and expand opportunity, FloSports uses a blind recruiting process that supports more objective, inclusive hiring decisions. We’re intentional in our practices because we believe the best ideas and innovations come from teams that reflect the diversity of the world around us.
OUR BENEFITS:
Recognized three years in a row as a Top Workplace by the Austin-American Statesman
Flexibility at work - you can take control of your profession and personal schedule
All-hands events hosted annually in beautiful Austin, Texas
Annual equity awards for all top performers
Competitive and comprehensive medical, dental and vision plans
Peace of mind through company-paid short-term disability, long-term disability and life insurance
Generous 401(K) company match vested immediately
Progressive parental leave policies
Flexible paid time off
Hack-a-thons and a full calendar of team-building and social events
Company donation to youth teams and leagues that our employees coach
Stocked snack bar, catered lunch and breakfast tacos every week