remoote.app

Work from anywhere. Start here.

Remoote.app

Work from anywhere. Start here.

Free resume builderCompaniesLog in
Home
Jobs
Senior Application Security Engineer

Senior Application Security Engineer

New
Remote - USAFull-TimeSenior
Salary not disclosed
Apply NowOpens the employer's application page

Job Details

Experience
6+ years in security engineering, DevSecOps, or related roles
Required Skills
AWSPythonJavascriptKubernetesGoCI/CDTerraform

Requirements

  • 6+ years in security engineering, DevSecOps, or related roles, including experience at scale.
  • Strong experience integrating security into modern SDLC pipelines.
  • Hands-on with AppSec tooling (Snyk, OWASP ZAP, Burp Suite, SonarQube, Checkmarx, etc.).
  • Solid understanding of web app security (OWASP Top 10, API security, auth flows, input validation).
  • Familiarity with AWS/Kubernetes security.
  • Strong programming skills (Python, Go, or JavaScript).
  • Strong AWS security skills (IAM, KMS, Security Hub, GuardDuty, WAF).
  • Experience with Kubernetes security (RBAC, OPA/Gatekeeper, network policies).
  • Hands-on with Terraform, Helm, and GitOps practices.
  • Familiarity with security tooling (Trivy, Falco, Snyk, Aqua).
  • Knowledge of networking, encryption, and cloud-native security best practices.

Responsibilities

  • Define and enforce best practices for secure coding, dependency management, and design reviews across engineering teams.
  • Integrate and manage SAST, DAST, and SCA tools within CI/CD pipelines (e.g., GitHub Actions).
  • Partner with developers on new features and systems to identify risks early in the lifecycle.
  • Implement best practices for secrets handling, API authentication/authorization, and data protection.
  • Build security guidelines, training, and reusable libraries/patterns so that teams can ship secure code faster.
  • Triage and prioritize findings from bug bounties, penetration tests, and automated scans, ensuring timely resolution.
  • Act as the bridge between application developers and platform engineers to align app security with infra and compliance requirements.
  • Implement monitoring, alerting, and remediation for security incidents across our platform.
  • Scan and remediate vulnerabilities in container images, OS packages, dependencies, and IaC templates.
  • Design and maintain least-privilege IAM roles, secrets management, and authentication flows.
  • Automate evidence gathering and control enforcement for SOC 2, ISO 27001, and others.
View Full Description & ApplyYou'll be redirected to the employer's site
View details
Apply Now