Application Security Engineer

About The Position

Requirements

• Bachelor’s degree in Computer Science, Engineering, MIS, or equivalent practical experience.
• 2–5 years of experience in application security, product security, software engineering with a security focus, or a related technical role.
• Strong understanding of application vulnerabilities and mitigation strategies (OWASP Top 10, CWE).
• Experience with CI/CD tooling, Git-based workflows, and modern development practices.
• Familiarity with cloud security concepts and hands-on experience with at least one cloud platform (AWS, Azure, or GCP).
• Experience with one or more programming languages such as Python, Go, Java, JavaScript/Typescript, or Ruby. (Java and Python preferred.)
• Experience with application security tools such as OWASP ZAP, Burp Suite, SAST/DAST tools, SCA, or dependency scanning.
• Knowledge of secure coding principles, API security, authentication, authorization, and secrets management.
• Strong problem-solving skills and the ability to communicate technical issues clearly to developers and cross-functional stakeholders.
• Understanding of agile development processes and working within engineering teams.
• Ability to Travel: This role will require occasional in-person travel for purposes including but not limited to new hire onboarding, team and department offsites, customer engagements, and other company events. Actual travel expectations may vary by role and business needs.

Responsibilities

• Integrate application security best practices into the development lifecycle by partnering with engineering teams and enabling automated security checks within CI/CD pipelines.
• Support and maintain Application Security based tooling—including SAST, DAST, SCA, and secrets scanning—and help developers interpret and remediate findings.
• Conduct secure code reviews, threat modeling sessions, and application architecture assessments to identify risks and propose mitigation strategies.
• Develop and maintain security automation, guardrails, and reusable components.
• Assist in defining and improving secure coding standards and application hardening practices.
• Support monitoring and detection efforts by helping improve application-level logging, telemetry, and alerting.
• Assist in incident response activities related to application vulnerabilities, including verification, triage, and remediation support.
• Stay current on emerging threats, vulnerabilities, and best practices in application and product security.
• Contribute to documentation including security requirements, guidelines, and remediation playbooks.
• Participate in internal security reviews, compliance-driven assessments, and architectural walkthroughs.
• Develop and help maintain existing application security tools, pipelines, and workflows.
• Collaborate with engineering and product teams to ensure secure deployment and continuous improvement of applications.

Benefits

• All employees receive equity packages (ISOs) and have access to a comprehensive benefits offering.
• competitive pay
• attractive stock grants
• flexible paid time off