Staff Application Security Engineer

This is a fully remote role with the option to work hybrid if a commutable distance from our Salem, OR, Pittsburgh, PA, or Fremont, CA offices.Full-TimeStaff

Salary161,000 - 251,000 USD per year

Apply NowOpens the employer's application page

Job Details

Experience: 8+ years
Required Skills: AWSPythonGCPKubernetesC++GoCI/CD

Requirements

8+ years of dedicated, hands-on experience in Application Security (AppSec) engineering or a related Staff-level security role.
Demonstrated expertise in Application Security engineering with programming skills.
Proven hands-on experience implementing security controls in CI/CD pipelines and source control systems (e.g., GitHub, GitLab).
Experience with penetration testing, vulnerability scanning and offensive and defensive security (Red Team/Blue Team) practices.
Proficiency in at least one modern programming language (e.g., Python, Go, C++).
Strong understanding of security best practices for cloud-native, microservice, and distributed systems architecture.
Experience with cloud security such as AWS or GCP.
Kubernetes experience integrating security controls into K8s environments.
Experience leading and mentoring security engineers.

Responsibilities

Drive the implementation of security practices throughout the entire software development process, from design review through deployment.
Perform offensive penetration testing and defensive (Blue Team) testing on web applications, internal services, and robot-side software.
Implement and manage security tools, including SAST, DAST, runtime vulnerability assessments, and SBOM systems.
Define and enforce security policies for source code, including mandatory GitHub security practices and review procedures.
Manage the lifecycle of identified vulnerabilities, prioritizing remediation efforts.
Partner with development, platform, and infrastructure teams to ensure security requirements are met.

View Full Description & ApplyYou'll be redirected to the employer's site