
Application Security Engineer

Posted 7 days ago


📍 Location: AMER, EMEA, APAC

🔍 Industry: Security

🏢 Company: asymmetric.re

🪄 Skills: Docker, Python, Blockchain, Cybersecurity, Javascript, Go, Rust, Web3.js, CI/CD, RESTful APIs, Linux, DevOps

Requirements:
  • Familiarity and practical experience with Application Security Testing (AST) tools.
  • Proven experience as a consultant, engineer, or auditor, ideally working on/with web applications.
  • Prior experience working with open source development practices.
  • Willingness and aptitude to work with and write in multiple languages, mainly Go, Rust, Python, and JavaScript.
  • Experience with reverse engineering and/or fuzzing.
  • Experience with code reviews.
Responsibilities:
  • Design and implement security and defense-in-depth controls to prevent and limit vulnerabilities.
  • Develop security tooling and developer workflows to aid in the early detection of vulnerabilities.
  • Collaborate with core contributors to conduct internal security audits of off-chain infrastructure.
  • Harden CI/CD pipelines and constrain the attack surface of off-chain components.
  • Collaborate with core contributors to reduce supply-chain risk.
  • Triage and respond to potential security incidents across all parts of the stack.
  • Work in a diverse decentralized team environment with web3 professionals.
  • Clearly communicate security risks and solutions.
  • Adhere to the highest standards of integrity, trust, and professionalism.

Related Jobs


📍 Alberta, Ontario, British Columbia, Canada

💸 143000.0 - 178000.0 CAD per year

🔍 Software Development

  • 8+ years of experience in application security, secure software development, or related fields.
  • Hands on experience with SAST, SCA, DAST, Secrets, API Security solutions
  • Deep understanding of security for Containers, web, APIs, and cloud-native workloads (AWS, Azure, GCP).
  • Strong knowledge of OWASP top 10s and modern attack vectors
  • Proficiency in at least one programming language (Python, Go, Java, TypeScript)
  • Lead Application Security initiatives across different teams to design, build and implement security best practices
  • Implement and enhance security automation within CI/CD pipelines
  • Maintain Application Security solutions, measure their effectiveness and continuously improve based on strategic priorities
  • Develop and maintain secure coding guidelines and security training for Engineers
  • Investigate security vulnerabilities and support incident response as needed
  • Research emerging threats, vulnerabilities, and attack techniques to proactively secure applications

AWS, Python, Cloud Computing, GCP, Java, TypeScript, API testing, Azure, Go, CI/CD, RESTful APIs, Linux

Posted 2 days ago

📍 United States

🧭 Full-Time

🏢 Company: Rula | 👥 251-500 | 💰 Series C 9 months ago | Personal Health, Mental Health, Addiction Treatment, Health Insurance, Wellness, Health Care, Home Health Care

  • 4+ years of experience as an application security engineer
  • Experience with JavaScript, TypeScript, Node.js, and/or Ruby
  • Demonstrated success applying OWASP Top 10 recommendations to modern application stacks
  • Experience with common SAST and DAST tooling and best practices
  • Enhance the security of code and development practices
  • Enhance vulnerability management program

Node.js, Javascript, Ruby, TypeScript

Posted 5 days ago

📍 Brazil

🧭 Full-Time

🏢 Company: Encora | 👥 10001-10001 | 💰 $200,000,000 Private over 5 years ago | Big Data, Cloud Computing, Software

  • Strong experience with SAST/DAST tools
  • Proficiency in penetration testing and vulnerability assessment
  • Knowledge of common security frameworks (OWASP, NIST)
  • Experience with security incident response
  • Strong programming knowledge
  • Understanding of CI/CD pipelines
  • Cloud security expertise (AWS preferred)
  • Database security knowledge
  • Experience implementing security automation tools
  • Familiarity with DevSecOps practices
  • Knowledge of security testing frameworks
  • Experience with code analysis tools
  • Experience in application security
  • Proven experience implementing security programs
  • Track record of security remediation projects
  • Experience creating and delivering security training.
  • Assess vulnerabilities and create prioritized remediation plans.
  • Implement OWASP-based security best practices.
  • Establish automated security controls through SAST/DAST integration in CI/CD pipelines.
  • Conduct penetration testing.
  • Create standardized procedures for identifying and addressing security issues.
  • Develop and deliver secure coding training programs.
  • Maintain thorough documentation.

AWS, Cloud Computing, CI/CD, DevOps

Posted 6 days ago

📍 United States

🧭 Full-Time

💸 159800.0 - 235000.0 USD per year

🔍 Software Development

🏢 Company: DoorDash USA

  • 5+ years of experience as an application engineer or an information security discipline.
  • Deep understanding of each OWASP top 10 vulnerability, microservices security and design.
  • Well versed with scripting languages (e.g., python) and other programming languages (e.g., java).
  • Experience with implementing and managing CI/CD pipeline security
  • Experience in payments security or in financial technology
  • Experience solving complex, systemic issues that require creative thinking and solutions.
  • Excellent verbal and written communication skills - you can explain security design with respect to cloud infrastructure to security and engineering personnel.
  • Work directly with engineering and security leaders to enact security strategies for DoorDash’s financial applications.
  • Be hands-on and perform manual and automated code reviews to identify vulnerabilities in APIs, microservices and mobile apps (Android and iOS).
  • Conduct regular application security assessments.
  • Define, document and implement security standards, guidelines and procedures for secure operations.
  • As part of architectural and design review committees, provide actionable feedback in engineering design reviews.
  • Manage the lifecycle of application vulnerabilities, from identification to remediation and reporting and metrics.
  • Integrate and manage security tools into the CI/CD process.
  • Ensure applications running within the cloud environment honor the requirements of information security policy and standards for segmentation and configuration.
  • Develop and implement secure network and process controls for Kubernetes environments.
  • Develop tools and automated tests for improving our Security efficiency.

AWS, Python, Cloud Computing, Java, Kotlin, Kubernetes, API testing, Mobile testing, REST API, CI/CD, Microservices, Scripting

Posted 7 days ago

📍 Alberta, Ontario or British Columbia, Canada

💸 143000.0 - 178000.0 CAD per year

🔍 Software Development

  • 8+ years of experience in application security, secure software development, or related fields.
  • Hands on experience with SAST, SCA, DAST, Secrets, API Security solutions
  • Deep understanding of security for Containers, web, APIs, and cloud-native workloads (AWS, Azure, GCP).
  • Strong knowledge of OWASP top 10s and modern attack vectors
  • Proficiency in at least one programming language (Python, Go, Java, TypeScript)
  • Excellent communication and presentation skills, including an ability to communicate effectively with a diverse array of stakeholders at different levels
  • Lead Application Security initiatives across different teams to design, build and implement security best practices
  • Implement and enhance security automation within CI/CD pipelines
  • Maintain Application Security solutions, measure their effectiveness and continuously improve based on strategic priorities
  • Develop and maintain secure coding guidelines and security training for Engineers
  • Investigate security vulnerabilities and support incident response as needed
  • Research emerging threats, vulnerabilities, and attack techniques to proactively secure applications

AWS, Python, Cloud Computing, GCP, Java, TypeScript, API testing, Azure, Go, CI/CD, RESTful APIs, Linux

Posted 9 days ago

📍 Canada

💸 143000.0 - 178000.0 CAD per year

  • 8+ years of experience in application security, secure software development, or related fields.
  • Hands on experience with SAST, SCA, DAST, Secrets, API Security solutions
  • Deep understanding of security for Containers, web, APIs, and cloud-native workloads (AWS, Azure, GCP).
  • Strong knowledge of OWASP top 10s and modern attack vectors
  • Proficiency in at least one programming language (Python, Go, Java, TypeScript)
  • Lead Application Security initiatives across different teams to design, build and implement security best practices
  • Implement and enhance security automation within CI/CD pipelines
  • Maintain Application Security solutions, measure their effectiveness and continuously improve based on strategic priorities
  • Develop and maintain secure coding guidelines and security training for Engineers
  • Investigate security vulnerabilities and support incident response as needed
  • Research emerging threats, vulnerabilities, and attack techniques to proactively secure applications

AWS, Python, Cloud Computing, GCP, Java, TypeScript, Azure, Go, CI/CD, RESTful APIs

Posted 9 days ago

📍 Canada

💸 143000.0 - 178000.0 CAD per year

🔍 Software Development

🏢 Company: Twilio | 👥 5001-10000 | 💰 $378,215,525 Post-IPO Equity over 3 years ago | 🫂 Last layoff over 1 year ago | Messaging, SMS, Mobile Apps, Enterprise Software, Software

  • 8+ years of experience in application security, secure software development, or related fields.
  • Hands on experience with SAST, SCA, DAST, Secrets, API Security solutions
  • Deep understanding of security for Containers, web, APIs, and cloud-native workloads (AWS, Azure, GCP).
  • Strong knowledge of OWASP top 10s and modern attack vectors
  • Proficiency in at least one programming language (Python, Go, Java, TypeScript)
  • Excellent communication and presentation skills, including an ability to communicate effectively with a diverse array of stakeholders at different levels
  • Lead Application Security initiatives across different teams to design, build and implement security best practices
  • Implement and enhance security automation within CI/CD pipelines
  • Maintain Application Security solutions, measure their effectiveness and continuously improve based on strategic priorities
  • Develop and maintain secure coding guidelines and security training for Engineers
  • Investigate security vulnerabilities and support incident response as needed
  • Research emerging threats, vulnerabilities, and attack techniques to proactively secure applications

AWS, Python, Software Development, Cloud Computing, Cybersecurity, GCP, Java, TypeScript, Azure, Go, CI/CD, RESTful APIs

Posted 12 days ago

📍 United States

🧭 Full-Time

💸 181000.0 - 266000.0 USD per year

🔍 Software Development

🏢 Company: Life360 | 👥 251-500 | 💰 $33,038,258 Post-IPO Equity over 2 years ago | 🫂 Last layoff about 2 years ago | Android, Family, Apps, Mobile Apps, Mobile

  • 10+ years of hands-on experience in application security, securing cloud-based and containerized environments.
  • Strong understanding of cybersecurity threats, vulnerabilities, and mitigations, with a proactive approach to embedding security throughout the product lifecycle.
  • Deep expertise in secure design, threat modeling, offensive security, and risk reduction beyond compliance checklists.
  • Experience with modern application stacks, security tooling, and DevSecOps pipelines, with a passion for security automation and pragmatic defenses.
  • Working knowledge of one or more programming languages (preferably Python) and experience writing software that enhances security processes.
  • Exceptional ability to distill complex security concepts into clear actions, driving alignment across engineering teams without direct authority.
  • A collaborative mindset with a strong ability to build relationships, influence cross-functional teams, and lead high-impact security initiatives.
  • Creative and strategic thinker who can holistically reduce risk, scale security through smart design, and bring clarity to ambiguous challenges.
  • A track record of contributions to the security community (research, blogging, presentations, bug bounty) is a plus.
  • Strong bias for action, ownership, and delivering measurable improvements to security posture.
  • Drive “shift left” security initiatives, embedding security best practices seamlessly into the software development lifecycle to proactively identify and mitigate risks.
  • Assess third-party vendors and cloud service providers to ensure compliance with security and privacy standards.
  • Participate in the security on-call rotation to respond to and mitigate security incidents.
  • Document security-relevant architectural decisions and ensure security considerations are integrated into system designs.
  • Serve as a trusted advisor, offering web and mobile security expertise to enable engineering and product teams to make informed, confident decisions.
  • Perform technical security assessments and reviews, research, uncover, and reproduce vulnerabilities, design secure protocols and systems, and write tests to drive architecture changes
  • Provide guidance and education to engineering and product teams on available security controls and their appropriate use to help prevent vulnerabilities.
  • Partner closely with product and engineering teams to design solutions that are secure by default
  • Scale security efforts by integrating automation for the identification, prioritization, and remediation of vulnerabilities. Empower engineering teams through automation, security guidance, tooling, patterns, and training to scale security practices across the organization.

AWS, Docker, Python, Software Development, Cloud Computing, Cybersecurity, Kubernetes, API testing, REST API, CI/CD, DevOps, Risk Management

Posted 14 days ago

📍 Canada

🧭 Full-Time

🔍 Software Development

🏢 Company: NerdWallet | 👥 501-1000 | 💰 Secondary Market almost 4 years ago | 🫂 Last layoff 8 months ago | Internet, Consumer, Financial Services, Personal Finance

  • 8+ years of professional experience as a security engineer, software engineer, site reliability engineer, penetration tester/red team member, or security consultant
  • 5+ years of experience working in Agile development, with expertise in technologies such as cloud environments (e.g., AWS), application security testing tools (e.g., SAST, DAST, SCA), infrastructure as code (e.g., Terraform), containers (e.g., Docker, Kubernetes), continuous integration (e.g., Jenkins, GitHub Actions), integration of security testing tools into CI pipelines, defect tracking (e.g., Jira), and source code management (e.g., GitHub)
  • Advanced knowledge of: Python, Typescript, and other languages (Go, PHP)
  • In-depth knowledge of common application and network protocols, cryptographic primitives, authentication and authorization protocols, as well as common security threats, including attack techniques, evasive techniques, and preventative and defensive methods
  • Ensure the timely delivery of high-priority product security initiatives
  • Be a strategic advisor to the Application and Product Security Program
  • Drive key initiatives like Supply Chain Security, Authentication, and Authorization improvements

AWS, Docker, Python, Agile, Cloud Computing, Cybersecurity, Javascript, Jenkins, Kubernetes, Software Architecture, TypeScript, REST API, CI/CD, Linux, DevOps, Terraform, Microservices, JSON, Software Engineering

Posted 21 days ago

📍 US

🧭 Full-Time

🏢 Company: NerdWallet | 👥 501-1000 | 💰 Secondary Market almost 4 years ago | 🫂 Last layoff 8 months ago | Internet, Consumer, Financial Services, Personal Finance

  • 8+ years of professional experience as a security engineer, software engineer, site reliability engineer, penetration tester/red team member, or security consultant
  • 5+ years of experience working in Agile development, with expertise in technologies such as cloud environments (e.g., AWS), application security testing tools (e.g., SAST, DAST, SCA), infrastructure as code (e.g., Terraform), containers (e.g., Docker, Kubernetes), continuous integration (e.g., Jenkins, GitHub Actions), integration of security testing tools into CI pipelines, defect tracking (e.g., Jira), and source code management (e.g., GitHub)
  • Advanced knowledge of: Python, Typescript, and other languages (Go, PHP)
  • High-level understanding of: security weaknesses, exploits, attacks and mitigations
  • In-depth knowledge of common application and network protocols, cryptographic primitives, authentication and authorization protocols, as well as common security threats, including attack techniques, evasive techniques, and preventative and defensive methods
  • Experience leading or participating in Security Development Lifecycle Practices, Threat Modeling, Technical Design Review, and Security Code Review
  • Proven success as a collaborator with the ability to convey high-level security concepts to team members across the organization and technical and non-technical stakeholders at all levels
  • Ensure the timely delivery of high-priority product security initiatives
  • Be a strategic advisor to the Application and Product Security Program
  • Drive key initiatives like Supply Chain Security, Authentication, and Authorization improvements
  • Participate in expanding and maturing NerdWallet’s SSDLC program and its early adoption
  • Partner with cross-functional teams to identify product and application vulnerabilities and propose potential remediation opportunities and prioritization
  • Design and develop security tools and processes to be leveraged by development teams
  • Work closely with engineering to sustain processes or convert manual integrations to automated pipeline activities
  • Help build the Red Team
  • Be a technical mentor to junior members of the team and help develop their skills

AWS, Docker, Python, Agile, Cloud Computing, Cybersecurity, Jenkins, Kubernetes, TypeScript, Algorithms, Data Structures, CI/CD, RESTful APIs, Mentoring, Linux, DevOps, Risk Management, Software Engineering

Posted 21 days ago