Senior Application Security Engineer
157000 - 216000 USD per year
Location:USA
Languages:English
Seniority level:Senior, 5+ years
Experience:5+ years
Skills:
AWSPythonCloud ComputingJavaJavascriptKubernetesGoCI/CDDevOpsMicroservices
Requirements:
5+ years of experience in Application or Product Security, preferably in a SaaS or cloud-native environment Strong understanding of web app and API security, microservices, and containerized architectures Experience integrating security tooling into modern CI/CD workflows Proficiency with SAST, DAST, IaC scanning, and container security platforms Skilled in secure coding and code review for at least one major language (Python, Java, Go, JavaScript). Familiarity with AWS security, Kubernetes security, and DevSecOps best practices.
Responsibilities:
Lead application security initiatives across all SaaS products and microservices. Conduct threat modeling, architecture reviews, and secure code assessments for both backend and frontend systems. Implement and manage security automation in CI/CD, integrating SAST, DAST, SCA, and container image scanning tools. Collaborate with engineering teams to triage, prioritize, and remediate vulnerabilities across applications and containerized workloads. Drive AppSec awareness and training, developing secure coding practices and guidelines. Evaluate and deploy container security controls, ensuring images and orchestrators (Kubernetes, ECS, etc.) follow best practices. Support bug bounty and vulnerability disclosure programs and coordinate penetration testing. Stay ahead of emerging application and container threats, and recommend preventive controls aligned with OWASP and CIS benchmarks.
