RemoteLeaf Logo
Log in Sign up

Senior Application Security Engineer

8 hours, 55 minutes ago
United States
Full-time
Senior
Application Security Engineer
Cybersecurity
Burp Suite CI/CD Encryption Git Go Java JavaScript Linux Microservices Python SonarQube TypeScript
Apply Now
Abnormal AI

Abnormal AI

Abnormal AI provides advanced email security solutions designed to block malicious email attacks, including credential phishing, business email compromise, and account takeover.

Internet Software & Services
Founded 2018
View All Jobs 83

Description

  • Lead threat modeling and security architecture reviews with engineering teams.
  • Architect, build, and maintain security tooling and integrations that support secure development workflows.
  • Collaborate with Engineering, DevOps, and Platform teams to implement security controls in Infrastructure-as-Code and secure CI/CD pipelines.
  • Design and deploy automated security testing frameworks to find vulnerabilities earlier in the development lifecycle.
  • Support security incidents by analyzing application behavior and improving response processes.
  • Mentor junior engineers on secure coding practices, security architecture, and security tooling integrations.
  • Evaluate and improve application security tooling across commercial and open-source options.
  • Define and track security posture metrics, including dashboards and reports for coverage and vulnerability trends.
  • Partner with engineering teams to implement and maintain security controls across applications and services.
  • Assess emerging AI/ML security threats for relevance and application to the business.

Requirements

  • Proven experience in application security engineering, ideally in cloud-native environments with modern development practices.
  • Hands-on experience with SAST, DAST, SCA, and IAST tools, plus security automation in CI/CD pipelines.
  • Strong programming skills in Python, Go, Java, or JavaScript/TypeScript.
  • Proficiency with Git, Linux, and modern development frameworks.
  • Deep knowledge of web application security, including OWASP Top 10, authentication/authorization, cryptography, and secure API design.
  • Experience with threat modeling frameworks such as STRIDE, PASTA, or LINDDUN.
  • Comfort investigating application logs, tracing security events, and supporting incident analysis workflows.
  • Ability to influence and collaborate cross-functionally with engineering, DevOps, and product teams.
  • Strong written communication and documentation skills.
  • Experience securing microservices, containers, and cloud-native applications.
  • Preferred: experience in fast-paced or startup environments with ambiguous ownership.
  • Preferred: familiarity with AI/ML security concepts, including adversarial attacks, model security, and data privacy.
  • Preferred: hands-on experience with tools such as Veracode, Checkmarx, SonarQube, Snyk, or Burp Suite.
  • Preferred: experience building security telemetry pipelines or vulnerability management frameworks.
  • Preferred: exposure to SOC 2 or ISO 27001 compliance frameworks.
  • Preferred: familiarity with bug bounty programs and vulnerability disclosure processes.

Benefits

  • Base salary range of $130,100 to $187,000 USD.
  • Eligibility for bonus or incentive compensation.
  • Eligibility for equity.
  • Comprehensive benefits package.
  • Equal opportunity employer consideration for qualified applicants.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Wiz

Security Engineer - Product & Production Infrastructure

Wiz 251-1K IT Services

Wiz is hiring a Security Engineer for Product & Production Infrastructure to secure its cloud products, CI/CD, and production environments through security reviews, vulnerability management, and detection and response work.

Germany Full-time Senior Application Security Engineer Security Engineer
AWS Azure CI/CD GCP Go Helm Kubernetes Python Rust Terraform
6 hours, 25 minutes ago
ClickHouse

Product Security Engineer

ClickHouse 51-250 IT Services

ClickHouse is hiring a Security Engineer to support its cloud and open-source platforms in strengthening product and infrastructure security, incident response, and security process maturity.

United States Canada Full-time Senior Application Security Engineer
AWS Azure C++ GCP Kubernetes Penetration Testing
6 hours, 25 minutes ago
ClickHouse

Product Security Engineer

ClickHouse 51-250 IT Services

ClickHouse is hiring an experienced Security practitioner to support engineering and product teams in strengthening the security posture of its cloud and open-source platforms.

Germany Full-time Senior Application Security Engineer
AWS Azure C++ GCP Kubernetes Penetration Testing
8 hours, 25 minutes ago
Veracode

Senior Security Researcher

Veracode 251-1K Internet Software & Services

Veracode is hiring a Senior Security Researcher to lead Applied Research projects that improve its Static Application Security Testing platform while producing original security research for the broader community.

United States Full-time Senior Application Security Engineer
C C# C++ .NET Penetration Testing Prototyping
8 hours, 40 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers