Required:

• 3+ in Windows desktop application development using Windows App SDK, WinUI (or similar), C#, XAML — and ideally additional experience with native Windows code (C++, Win32/WinRT/COM).
• Deep understanding of Windows application architecture, including interop between managed code (.NET) and native code.
• Proven track record of designing, building, and shipping production-quality desktop applications, with an emphasis on reliability, performance, scalability, and maintainability.
• Strong experience with accessibility APIs on Windows (e.g. Microsoft UI Automation or similar), and a dedication to building accessible and inclusive software.
• Excellent software engineering fundamentals: OOP, design patterns, data structures, algorithms, memory management, multi-threading or asynchronous programming (where relevant).
• Experience leading technical design, mentoring other engineers, conducting code reviews, and making architecture-level decisions.
• Strong communication skills; ability to articulate tradeoffs, collaborate with cross-functional teams, and drive consensus.
• A user-centric mindset: focus on building polished, intuitive, and accessible experiences for end users.

Preferred / Bonus:

• Experience with writing automated tests for UI — unit tests, integration tests, UI automation tests; familiarity with relevant testing frameworks.
• Experience with performance optimization for desktop apps (memory usage, startup time, rendering performance, high-DPI support, responsiveness under load).
• Experience with localization/globalization, right-to-left UI support, internationalization, accessibility for multiple regions.
• Familiarity with telemetry, analytics, crash reporting, logging, and error monitoring in desktop applications.
• Previous experience in shaping CI/CD workflows, release pipelines, and deployment strategies for desktop applications.
• Demonstrated ability to take ownership of feature areas or modules and drive them long-term, including maintenance, refactoring, and technical debt management.

What we offer

• A high-impact role: you will define architecture, shape the future of our Windows product, and directly influence what millions of users see and experience.
• A collaborative, flat-structure engineering culture — you are not just a coder, but a builder and a decision-maker.
• Opportunities to lead — mentor others, steer technical direction, and grow into broader technical leadership (e.g. Tech Lead, Architect).
• Flexibility, autonomy, and responsibility: you define how to solve problems, own features end-to-end, and contribute to long-term product vision.
• A purpose-driven mission: building software that’s reliable, accessible, and user-centered — making a real difference for people.                  

Think you’re a good fit for this job? 

Tell us more about yourself and why you're interested in the role when you apply.
And don’t forget to include links to your portfolio and LinkedIn.

Not looking but know someone who would make a great fit? 
Refer them! 

Speechify is committed to a diverse and inclusive workplace. 
Speechify does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.

Required:

• 3+ in Windows desktop application development using Windows App SDK, WinUI (or similar), C#, XAML — and ideally additional experience with native Windows code (C++, Win32/WinRT/COM).
• Deep understanding of Windows application architecture, including interop between managed code (.NET) and native code.
• Proven track record of designing, building, and shipping production-quality desktop applications, with an emphasis on reliability, performance, scalability, and maintainability.
• Strong experience with accessibility APIs on Windows (e.g. Microsoft UI Automation or similar), and a dedication to building accessible and inclusive software.
• Excellent software engineering fundamentals: OOP, design patterns, data structures, algorithms, memory management, multi-threading or asynchronous programming (where relevant).
• Experience leading technical design, mentoring other engineers, conducting code reviews, and making architecture-level decisions.
• Strong communication skills; ability to articulate tradeoffs, collaborate with cross-functional teams, and drive consensus.
• A user-centric mindset: focus on building polished, intuitive, and accessible experiences for end users.

Preferred / Bonus:

• Experience with writing automated tests for UI — unit tests, integration tests, UI automation tests; familiarity with relevant testing frameworks.
• Experience with performance optimization for desktop apps (memory usage, startup time, rendering performance, high-DPI support, responsiveness under load).
• Experience with localization/globalization, right-to-left UI support, internationalization, accessibility for multiple regions.
• Familiarity with telemetry, analytics, crash reporting, logging, and error monitoring in desktop applications.
• Previous experience in shaping CI/CD workflows, release pipelines, and deployment strategies for desktop applications.
• Demonstrated ability to take ownership of feature areas or modules and drive them long-term, including maintenance, refactoring, and technical debt management.

What we offer

• A high-impact role: you will define architecture, shape the future of our Windows product, and directly influence what millions of users see and experience.
• A collaborative, flat-structure engineering culture — you are not just a coder, but a builder and a decision-maker.
• Opportunities to lead — mentor others, steer technical direction, and grow into broader technical leadership (e.g. Tech Lead, Architect).
• Flexibility, autonomy, and responsibility: you define how to solve problems, own features end-to-end, and contribute to long-term product vision.
• A purpose-driven mission: building software that’s reliable, accessible, and user-centered — making a real difference for people.                  

Think you’re a good fit for this job? 

Tell us more about yourself and why you're interested in the role when you apply.
And don’t forget to include links to your portfolio and LinkedIn.

Not looking but know someone who would make a great fit? 
Refer them! 

Speechify is committed to a diverse and inclusive workplace. 
Speechify does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.

THE ROLE 

The Senior Application Security Engineer is a key member of Cognism’s Information Security Team, reporting into the Application & Infrastructure Security Manager. Your mission is to embed security by design across our engineering and product organization by integrating modern application security practices throughout the full development lifecycle. We focus on building secure, scalable, and resilient systems while enabling the business to innovate quickly and safely. It is to drive a culture where the fastest path for our engineers is the securest path. 

You will work closely with Product, Engineering, Architecture, and Data teams to understand risks within our platform, including risks introduced by AI powered features, and ensure the right controls, guardrails, and security patterns are built into the product at its inception – all the while ensuring a balanced approach to the product experience that our thousands of large global enterprise customers use every day. 

This role is ideal for a senior IC who is technical, collaborative, and pragmatic, with the ability to influence engineering teams while driving hands on improvements to Cognism’s secure SDLC. 

KEY RESPONSIBILITIES 

Security by Design & Product Integration 

• Partner with Product, Web and Data Engineering teams from the ideation stage to ensure security requirements are considered early in feature and model design.
• Translate product and application risks into actionable security controls, making recommendations repeatable to build guardrails and guidance that product, design, and engineering teams can apply as they scale and build the products in the teams they own.
• Help shape security acceptance criteria and guide engineering teams during design reviews and backlog planning. 

Application Risk Assessment & AI Security 

• Identify and assess application risks across Cognism’s SaaS platform, data processing pipelines, including emerging risks associated with AI/ML capabilities.
• Contribute to AI feature reviews and participate in AI risk assessments to ensure responsible and secure use of models, in a way that balances the need to innovate and challenge the status quo in AI implementation.
• Assess and pragmatically recommend mitigations for security risks in data pipelines, model-training workflows, feature stores, and ML systems, ensuring strong controls for data access, data lineage, model integrity, and protection of sensitive datasets. 

Secure SDLC & DevSecOps Enablement 

• Partner with our engineering and platform team to embed security guardrails into our software development lifecycle and agile engineering workflows.
• Partner with engineering teams to integrate and optimize security tooling into CI/CD pipelines (SAST, SCA, DAST, container scanning, IaC scanning).
• Drive automation and developer-friendly security processes that minimize friction and support rapid delivery. 

Threat Modelling & Architecture Support 

• Conduct and facilitate a self-serve, risk-driven approach to pragmatic threat modelling sessions for new features, services, and AI components.
• Conduct threat modelling for data architectures, including ingestion, transformation, storage, streaming, and ML model deployment patterns, ensuring data confidentiality, integrity, and responsible use.
• Provide hands-on application security guidance to engineering teams, helping them implement secure APIs, microservices, data flows, and integrations.
• Maintain and expand Cognism’s secure coding standards, guidance, and reusable security patterns. 

Application Security Testing & Engineering 

• Perform hands-on security testing (manual and automated) for web applications, microservices, APIs, and cloud components.
• Plan, coordinate, and oversee penetration tests, red team exercises, and third-party security assessments, ensuring findings are addressed and tracked.
• Validate findings, assist with prioritization, and partner with engineering teams on remediation strategies. 

Collaboration, Education & Influence 

• Work directly with product squads, acting as a trusted advisor and embedded security partner. Take the time to understand what other teams are working on, what business priorities are, and partner with teams to recommend risk mitigations that balance risk with opportunity and that take into account the threat landscape. 
• Deliver security training, workshops, and guidance to improve engineering teams’ security maturity.Communicate security risk and tradeoffs clearly and constructively to technical and nontechnical stakeholders. 

CORE COMPETENCIES 

• Strong technical depth in application security, cloud security, and secure development.
• Understanding of modern data stack components (e.g., data pipelines, feature stores) and the ability to collaborate effectively with data practitioners.
• Deep understanding of communication protocols used for web development is a must-have.
• Hands on experience with web application development, specifically for back-end development is a must-have competency. 
• Risk-Based Prioritization: Ability to distinguish between theoretical security risks and actual business threats, demonstrating a "risk-driven" rather than "compliance-driven" mindset. Comfortable balancing security risk with product and commercial realities.
• Contextual Communication: Capacity to translate complex technical vulnerabilities into business-impact stories that resonate with non-technical stakeholders and product owners. 
• Collaborative Conflict Resolution: Proven track record of approaching engineering friction with transparency and pragmatism, balancing a firm stance on security with a deep care for the developer experience. Pragmatic problem solver with a growth mindset and bias toward action.
• Architectural Empathy: Ability to put yourself in the position of your users (the engineers) to build security guardrails that are repeatable and embedded into existing workflows rather than added as hurdles. 

EDUCATION & EXPERIENCE 

• 5–10+ years of experience in Application Security, Product Security, or Security Engineering roles.
• Strong experience securing cloud native SaaS platforms (AWS preferred) and Data pipelines. 
• Handson experience with secure coding, application testing, and CI/CD security automation.
• Experience working closely with engineering and product teams in agile environments.
• Familiarity with security frameworks such as OWASP ASVS, OWASP Top 10, NIST, ISO 27001/2.
• Experience evaluating and securing AI/ML enabled features is a strong advantage.
• Experience in SME or high-growth SaaS environments preferred.