RemoteLeaf Logo
Log in Sign up

Senior Application Security Engineer

1 week ago
United States
Full-time
Senior
Application Security Engineer
Cybersecurity
AWS Burp Suite CI/CD Docker GitHub GitHub Actions Go Helm Java JavaScript Kotlin Kubernetes Penetration Testing Python Terraform TypeScript
Apply Now
Alphasense

Alphasense

Alphasense is a global leader in providing high-quality gas sensors and air quality monitors to industrial OEMs. With over 25 years of experience, the company offers a wide range of innovative gas sensor technologies for various applications, including...

Industrial Conglomerates
51-250
Founded 1996
View All Jobs 168

Description

  • Own the code and pull-request security enforcement layer that every change passes through.
  • Operate and continuously tune the SAST, SCA, secrets-detection, and SBOM pipeline.
  • Design and harden deterministic security gates for AI-authored and human-authored code.
  • Review human-authored and agent-authored pull requests and contribute AI-generated patch proposals.
  • Own the security approach for AI-assisted development tools and workflows, including agentic systems and MCP integrations.
  • Author and roll out AI-assisted development security policy covering prompt injection, scope governance, credential handling, and audit attribution.
  • Threat model new AI features, agent gateways, MCP connector architecture, and AI workflows in the research platform.
  • Scale threat modeling and embed security acceptance criteria and verification hooks into the product design process.
  • Partner with engineering and product security teams to build practical security training and developer enablement programs.
  • Drive fast resolution of critical findings, support testing and posture programs, and lead response for application-layer incidents and integration compromises.

Requirements

  • 6+ years of engineering experience, including 4+ years in a dedicated AI Application Security or Product Security role at a SaaS or cloud-native company.
  • Hands-on, recent development experience; ability to write code and read pull requests fluently in at least two of Python, TypeScript/JavaScript, Java/Kotlin, or Go.
  • Comfort working with Terraform, Helm, and Kubernetes manifests.
  • Direct experience building, integrating, or operating agentic AI and MCP systems in production or governed engineering workflows.
  • Production operation of a SAST/SCA pipeline at scale using tools such as Snyk, Semgrep, GitHub Advanced Security, Checkmarx, Veracode, or equivalent.
  • Demonstrated ownership of a threat modeling or developer security training program.
  • Ability to think in layered, defense-in-depth security models across code, contract, behavior, simulation, and data.
  • Strong written communication skills for policy, guidance, runbooks, and PR feedback.
  • Open-source contributions to security tools, MCP servers/frameworks, agent harnesses, or threat modeling tools are preferred.
  • Experience shipping deterministic compliance gates accepted by external auditors is preferred.
  • API security and DAST experience, plus modern container/Kubernetes security, is preferred.
  • AWS security depth and exposure to AI/ML production environments are preferred.
  • Experience supporting customer-facing security posture dashboards or DDQ responses, ideally in a regulated industry, is preferred.
  • Public writing or speaking on developer security, AI/agent security, or AppSec automation is preferred.
  • Pre-IPO experience or familiarity with SOC 2 Type II, ISO 27001:2022, ISO 42001, SOX, or GDPR is preferred.
  • Certifications such as OSWE, OSCP, CSSLP, AWS Security Specialty, or CISSP are preferred.

Benefits

  • Base salary range of $157,000 to $216,000 USD.
  • Performance-based bonus eligibility.
  • Equity compensation.
  • Generous benefits program.
  • Remote-first work environment.
  • High autonomy in a senior individual contributor role.
  • Clear path to Staff / Tech Lead as the team grows.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Crypto.com

Application Support Engineer — Blockchain Security & AI Automation

Crypto.com 1K-5K Capital Markets

Crypto.com is hiring an Application Support Engineer in its Blockchain Security team to keep production blockchain applications stable while improving support operations through AI-driven automation.

United Kingdom Full-time Mid Level Application Security Engineer
Blockchain Encryption Go LLM Node.js Python REST API Rust Solana
6 hours, 8 minutes ago
Inovalon

Application Security Engineer

Inovalon 1K-5K IT Services

Inovalon is hiring a Staff Software Engineer focused on application security to embed secure practices across the design, development, and operation of cloud-native SaaS healthcare platforms.

United States India Full-time Lead Application Security Engineer
Agile DevSecOps Encryption GCP HIPAA Penetration Testing
7 hours, 17 minutes ago
GuidePoint Security

Senior Application Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)

GuidePoint Security 251-1K Internet Software & Services

GuidePoint Security is hiring a Security Engineering professional to implement and operationalize application security tooling and practices across software development and CI/CD environments for a broad range of customer-facing security engagements.

United States Full-time Senior Application Security Engineer
Azure Burp Suite CI/CD CircleCI GitHub Actions Jenkins
20 hours, 38 minutes ago
TrueML

Sr. Application Security Engineer

TrueML 51-250 Internet Software & Services

TrueML is hiring a Senior Application Security Engineer to secure applications across the software development lifecycle for its remote U.S. product and technology team.

United States Full-time Lead Application Security Engineer
$125k-$140k
AWS CI/CD Docker Go JWT Kubernetes OAuth OWASP Python SAML SIEM WAF
21 hours, 50 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers