Application Security Engineer

TL;DR We are seeking an Application Security Engineer to champion security across our entire development lifecycle. You’ll play a pivotal role in reviewing code, designing secure features, and mentoring engineers, ensuring security is at the heart of everything we build. If you’re passionate about application security, thrive on close collaboration with developers, and want to do the work of your life, this is your opportunity

Why Lovable?

Lovable enables anyone to build software using plain English. From solo founders to Fortune 100 teams, millions use Lovable to turn ideas into products—quickly and securely. We’re leading a fundamental shift in how software is created, and you’ll help shape the security standards for this new era. With over 2 million users in 200+ countries, our reach is global—and growing fast.

We’re a small, high-impact team based in Stockholm, driven by ownership, speed, and low-ego collaboration. We value people who care deeply, move quickly, and want to make a real difference.

What You’ll Bring

5+ years of experience in application security, securing cloud-native environments at product-focused tech companies, high-growth startups, or leading AI labs.

Strong programming and engineering skills.

Deep expertise in application security: secure code review, threat modeling, SAST/DAST, supply chain security, product patching, and vulnerability management.

Strong background in securing engineering infrastructure: CI/CD pipelines, secrets management, service-to-service authentication, containerized workloads, and public cloud platforms.

Hands-on experience collaborating with developers to design and implement security features and best practices.

Passion for educating and mentoring engineers on secure coding, vulnerability remediation, and emerging threats.

Systems mindset: comfortable reading and contributing to codebases, building security tooling, and integrating security into engineering workflows.

Bonus: Experience building internal security too