Careers - Sri Lanka

Engineering Team

Senior Software Engineer - Platform Security

Careers > Sri Lanka
Location: Colombo

The Platform Security Team at WSO2 works towards continuously improving the security posture of our products and services and to promote a security culture within the organization.

We have a vacancy for a Senior Software Engineer who is a competent software engineering professional with great enthusiasm for the application security domain.


  • Build processes to ensure a security-focused SDLC, and ultimately, vulnerability free products and services.
  • Automate security processes to increase the efficiency of the SDLC.
  • Development of new security tools, improvement and adoption of existing open source tools, and integrations with external tools.
  • Attending in-design and code reviews of engineering teams to provide the security insight and thereby ensure early identification of vulnerabilities.
  • Conduct research on new technologies and methodologies related to application security and the latest vulnerabilities and attacks.
  • Evangelize the security knowledge across the engineering teams by preparing best practices guidelines and training them.
  • Provide guidance and assistance to engineering teams to handle security incidents and other security-related tasks.
  • Participate in security-related conferences like OWASP AppSec and BlackHat and present our research and development work to the wider security community.
  • Work with external security researchers on the responsible disclosure of vulnerabilities.


  • Passionate about the application security domain and building a career in it.
  • Knowledgeable in computer security principles and practices.
  • Strong professional software engineering background with a minimum of 3 years of experience in application development.
  • Renowned security certifications like OSCP and CISSP are an added advantage.


  • Opportunity to define security goals and processes that touch every phase of the SDLC.
  • Contribute to the feature developments in open source security projects.
  • Build a personal brand by publishing papers and presenting in security conferences and meetups.
  • Work closely with engineering teams that specialize in various domains and learn about the security considerations in them.
  • Work with customers, vendors, and external researchers on security-related matters.