Senior Application Security Engineer

We are seeking a Senior Application Security Engineer to join our team full-time. You will be responsible for building and maintaining a global security compliance program, scaling application security, and working with cross-function teams to implement proper authentication, authorization, and data protection mechanisms.

Requirements

• 5+ years of experience in application security, secure software development, security engineering, or a similar role
• Strong understanding of secure coding practices and ability to guide developers on remediation strategies.
• Experience with GitHub Advanced Security (GHAS), including Code Scanning (SAST), Secret Scanning, and Dependency Review.
• Proficiency in SAST, DAST, and SCA tools (e.g., CodeQL, Burp Suite, OWASP ZAP, Snyk, Checkmarx, Veracode).
• Hands-on experience integrating security testing tools into CI/CD pipelines for automated security scanning.
• Knowledge of common application security vulnerabilities and mitigations (OWASP Top 10, CWE, business logic flaws, API security).
• Ability to perform threat modeling and assess security risks in applications and services.
• Experience conducting security code reviews across various programming languages (e.g., Python, Java, TypeScript, Go).
• Understanding of security fundamentals with relation to various cybersecurity and compliance frameworks, particularly NIST CSF, but any of PCI, SOC2, HITRUST, ISO 27001/2, or similar
• Understanding to securely manage cloud-native environments and the ability to deploy tools in these environments.
• Holds a Cybersecurity certification, e.g., OSCP, GWAPT, CISSP, CISA, etc.

Benefits

• Generous Paid Time Off
• 401k Matching
• Retirement Plan
• Visa Sponsorship
• Four Day Work Week
• Generous Parental Leave
• Tuition Reimbursement
• Relocation Assistance