Senior Application Security Engineer
Based in the United States, Full-Time, Senior
Salary: 190,000 - 273,000 USD per year
Job Details
- Experience: 5+ years
- Required Skills: Python, GCP, Ruby
Requirements
- 5+ years of experience in application security, software engineering, or a combination of both within modern SaaS environments.
- Strong software development capabilities with experience reading, writing, and deploying production code (Ruby highly desirable, Python/scripting a plus).
- Deep understanding of application security principles, secure architecture, authentication/authorization frameworks, and vulnerability management.
- Proven experience performing code reviews, penetration testing, exploit validation, and vulnerability remediation in complex production systems.
- Strong knowledge of common web application security risks (access control flaws, OAuth, CSRF, SSRF, cryptography, deserialization).
- Experience working with cloud-native environments and Linux systems, preferably GCP.
- Familiarity with application security tooling (SAST, SCA, runtime security tools, automation).
- Experience integrating AI-assisted tools into workflows and securing AI-powered applications.
- Excellent communication, stakeholder management, and collaboration skills.
Responsibilities
- Lead and continuously improve the secure software development lifecycle (SSDLC), ensuring security considerations are integrated into application design, development, and deployment processes.
- Conduct application security reviews, threat modeling exercises, and in-depth code analysis for critical product, platform, and AI-driven initiatives.
- Drive vulnerability management efforts across internal assessments, penetration tests, bug bounty findings, and automated security tools.
- Perform hands-on security testing, exploit validation, adversarial assessments, and remediation reviews.
- Establish and maintain secure design standards, security guardrails, risk models, and code review practices across engineering teams.
- Enhance and optimize application security tooling, including SAST solutions, automation workflows, dashboards, and security integrations.
- Develop AI-focused security controls and review processes addressing prompt handling, API exposure, data protection, and AI-specific threats.
- Partner with engineering, product, legal, platform, and security stakeholders to align security initiatives with business objectives.
- Support developer enablement through secure coding guidance, security training, documentation, and security champion programs.
- Contribute to operational improvements, metrics reporting, and long-term security strategy execution.