Application Security Expert

Job Description • Research, evaluation, and implementation of advanced security solutions across production environments, leveraging AI-driven analysis and automation to improve coverage • Identify and mitigate security risks in platform code and product services, using AI-assisted techniques to surface non-trivial vulnerabilities at scale • Partner closely with development teams throughout the SDLC - conducting security design reviews, threat modeling, and penetration testing • Design and build innovative security tools and services, incorporating LLMs and other AI capabilities to proactively detect, prioritize, and remediate cross-cutting security issues • Continuously evaluate and integrate emerging AI technologies to enhance security research methodologies and operational efficiency Requirements • 3+ years of hands-on experience in application security • Strong offensive security mindset with proven experience • Experience or strong interest in applying AI/LLMs to security use cases (e.g., code analysis, vulnerability discovery, automation of security workflows) • Deep understanding of web application vulnerabilities, real-world exploitation techniques, and browser security mechanisms • Solid knowledge of authentication and authorization models, and modern application security practices • Demonstrated ability to operate independently, take ownership, and drive initiatives end-to-end • Strong analytical skills - able to break down complex systems, identify weak points, and uncover high-impact security opportunities • Curious, adaptable, and passionate about emerging technologies Nice to have: • Hands-on experience building or integrating AI-based security tools or workflows • Published security research or active participation in bug bounty programs • Experience with Node.js, Java, or Scala • Familiarity with containerized environments (Docker, Kubernetes) • Experience with cloud platforms (AWS, GCP) and microservices architectures About the Team Wix’s Security Guild is a group of highly motivated Security Engineers that form part of the Wix R&D group. We allow Wix Developers and users to achieve their goals without risk, often meaning we find or create unique solutions. Our work is exceptionally challenging due to Wix’s scale, agility, and advanced technical diversity.  Wix’s Application Security is a group of highly motivated Security Engineers that form a part of the huge R&D group at Wix. Our job is to allow Wix developers and users to achieve their goals without risk, which often means we have to find or invent completely unique solutions. We play an essential role in every area of Wix: design, innovation, SDLC, architecture, infra, dedicated tool/solution development. When it comes to technology, we have the ultimate playground, and although we work closely together, there’s always space for independence, innovation and creativity for every team member. About Wix Wix makes it possible for anyone to succeed online.  Since 2006, we've grown to around 5,300 employees in 22 countries, launched over 40 products, and serve over 299 million users and their visitors worldwide.  At Wix, we push you to innovate and evolve in non-traditional ways. We operate in collaborative, high-performing teams, building cutting-edge products and leveraging AI to redefine how our users create, manage and grow their dreams online. Although we're already industry leaders in web creation and business, our work is nowhere near done. Our goal is to become the main engine of the Internet so we can create a more open web for all.   We're proud to be an equal opportunity employer.  Wix was built around the idea that everyone has the right to be successful, online. This same vision defines us as an employer: creating a work environment where everyone is welcome, and anyone has the right to succeed.