Senior Application Security Engineer

Posted 3 months ago

💎 Seniority level: Senior

📍 Location: United States

💸 Salary: 152850.0 - 244560.0 USD per year

🔍 Industry: Cloud Software

🏢 Company: Axon | 👥 1001-5000 | 💰 $246,000,000 Post-IPO Equity almost 7 years ago | GovTech, Electronics, Hardware, Software

🗣️ Languages: English

🪄 Skills: AWS, Docker, Python, GCP, Kubernetes, C#, Azure, Go, CI/CD

Requirements:
  • Proficiency in Python, Java, Go, or C#
  • Strong experience with CI/CD workflows
  • In-depth understanding of vulnerabilities
  • Experience with security tools like Snyk and Semgrep
  • Knowledge of cloud platforms and containerization
Responsibilities:
  • Build and maintain security automation tools
  • Partner with engineering teams on secure architectures
  • Act as a trusted advisor for development teams
  • Deploy static, dynamic, and dependency scanning tools
  • Lead vulnerability management efforts
  • Create and enhance security automation tools

Related Jobs

📍 United States, Canada, United Kingdom

🧭 Full-Time

💸 141600.0 - 212400.0 USD per year

🔍 Software Development

  • Solid knowledge of common appsec vulnerabilities and their prevention (e.g., OWASP Top 10, SANS Top 25).
  • Experience in security testing, including code review, SAST, DAST, and vulnerability scanning.
  • Familiarity with incorporating security measures into all phases of software development, from initial concept to final launch including “Shift Left” security.
  • Experience with SIEM, WAF, Risk Management Platforms, SAST/DAST or similar security tools.
  • Deep understanding of cloud security best practices and challenges, with specific expertise in AWS security services and architectures or equivalent.
  • Must be proficient in at least one scripting language (e.g., Python, Bash) to automate security tasks and integrate security tools.
  • Skilled in identifying, evaluating, prioritizing, and monitoring the remediation of security vulnerabilities.
  • Proven experience in handling security incidents, including identification, containment, and remediation.
  • Ability to clearly communicate technical security concepts to both technical and non-technical audiences, and to collaborate effectively with development, operations, and other teams.
  • Ability to analyze security issues, identify root causes, remediate and/or recommend effective solutions.
  • Participate in security projects, delivering secure and well-documented work.
  • Support SOC2 compliance and Pen Testing initiatives.
  • Deeply understand how to secure networks, applications, infrastructure, and data.
  • Utilize monitoring and vulnerability scanning tools to identify security concerns within the production environment and systems, remediate findings, or communicate them to the relevant team for triage.
  • Quickly learn the team's tech stack, security tool ecosystem, and environment.
  • Manage security projects independently, escalating when needed.
  • Meet project deadlines and investigate automation opportunities.
  • Build relationships with engineers.
  • Give actionable security feedback to developers.
  • Lead security discussions.
  • Prioritize security issues based on risk assessments.
  • Own and drive security incident response.

AWS, Docker, Node.js, Python, Software Development, Bash, Cybersecurity, Kubernetes, CI/CD, RESTful APIs, DevOps, Risk Management, Scripting

Posted 12 days ago

📍 United States, Canada

🧭 Full-Time

🔍 Information Technology

  • 6+ years of Information Technology experience
  • 3+ years with Static Application Security Testing
  • 2+ years with Java, Python, .NET, or C#
  • 3+ years with Burp Suite
  • Experience with OWASP frameworks
  • Remediate application security flaws
  • Lead security discussions with application teams
  • Perform dynamic and static application performance testing

Python, Eclipse, Java, C#, .NET, Linux

Posted 3 months ago

📍 United States, Canada

🧭 Full-Time

🔍 FinTech

🏢 Company: Imprint

  • 5+ years in cybersecurity, specifically focused on Application Security.
  • Hands-on coding experience and familiarity with modern development stacks (e.g., microservices, REST APIs, containerized environments).
  • Proficiency with SAST/DAST tools, threat modeling methodologies (e.g., MITRE ATT&CK), cryptography concepts (key management, encryption standards), and cloud security services (AWS, GCP, or Azure).
  • Excellent communication, collaboration, and problem-solving skills in a fast-paced, cross-functional setting.
  • Conduct systematic threat modeling (e.g., leveraging the MITRE ATT&CK framework) to identify risks, define attack paths, and propose mitigations early in the development lifecycle.
  • Perform in-depth security architecture reviews to ensure applications and microservices follow secure design principles.
  • Collaborate with engineering teams to conduct code reviews, pinpoint vulnerabilities, and champion OWASP Top 10 best practices.
  • Integrate SAST and DAST into CI/CD pipelines, ensuring continuous and automated detection of security flaws.
  • Analyze testing reports and guide teams toward swift, effective remediation strategies.
  • Perform or coordinate targeted penetration tests on critical applications and systems.
  • Document findings and partner with engineers to implement sustainable fixes.
  • Advise on symmetric and asymmetric encryption mechanisms to safeguard data at rest and in transit.
  • Oversee secure key management, ensuring cryptographic libraries and protocols are properly utilized.
  • Develop and deliver training on secure coding fundamentals and OWASP principles.
  • Lead the “shift-left” security movement by embedding security considerations in early stages of development—a strong development background is required to effectively collaborate and coach.
  • Investigate and document application-focused security incidents.
  • Maintain and refine incident response playbooks, integrating lessons learned into ongoing improvements.
  • Align AppSec practices with PCI DSS, SOC 2, and relevant frameworks to support regulatory audits.
  • Work closely with Risk, Fraud, and Compliance teams to ensure continuous alignment between engineering, security, and business goals.

AWS, Cybersecurity, GCP, Azure, REST API, CI/CD, Microservices, Compliance

Posted 3 months ago