RemoteLeaf Logo
Log in Sign up

Application Security Engineer

2 months, 1 week ago
United States
Full-time
Mid Level
Application Security Engineer
Cybersecurity
AWS CI/CD Docker GitHub Actions GitLab CI GraphQL Jenkins Kubernetes REST API
Apply Now
Arcadia Towers

Arcadia Towers

Arcadia Towers LLC is a cell tower company that develops, owns, and operates wireless communications towers across the U.S. They provide innovative solutions for wireless infrastructure development, connecting communities today and for the future. Arca...

Real Estate
1-10
Founded 2005
View All Jobs 5

Description

  • Own the end-to-end vulnerability management lifecycle across SAST, DAST, and SCA findings.
  • Triage, prioritize, and drive remediation efforts in partnership with engineering squads.
  • Maintain, optimize, and extend security automation and tooling integrations in the CI/CD pipeline.
  • Launch and run a Security Champions program with workshops and office hours across distributed teams.
  • Serve as the application-layer subject matter expert during security incidents, including triage, root cause analysis, and remediation.
  • Partner with Product and Engineering leadership to add security earlier in the SDLC through threat modeling and design reviews.
  • Act as a trusted advisor to engineers and help communicate security risks in a way that drives action.
  • Support the engineering organization by embedding security practices into day-to-day development workflows.

Requirements

  • 3–5 years of dedicated Application Security experience in a SaaS or cloud-native environment.
  • Hands-on proficiency with at least two of the following: SAST, DAST, SCA, or CSPM tooling such as Snyk, Checkmarx, Semgrep, or Wiz.
  • Strong working knowledge of CI/CD pipelines such as GitHub Actions, Jenkins, or GitLab CI, with the ability to write and maintain integrations.
  • Experience with container security using Docker and Kubernetes.
  • Experience with API security patterns including REST and GraphQL.
  • Ability to communicate technical risk to non-security engineers in a clear, action-oriented way.
  • Experience standing up or maturing a Security Champions program is preferred.
  • Familiarity with AWS security services such as GuardDuty, Security Hub, and IAM Access Analyzer is preferred.
  • Exposure to threat modeling frameworks such as STRIDE, PASTA, or similar lightweight methods is preferred.
  • Relevant certifications such as OSCP, GWAPT, or CSSLP are valued but not required.
  • Ability to work remotely from anywhere in the US with a reliable internet connection.
  • Visa sponsorship is not available for this position.

Benefits

  • Remote-first work environment with the flexibility to work anywhere in the US.
  • Flexible PTO with no accrued hours and no limit on vacation days for exempt employees.
  • 12 annual holidays and 10 days of sick leave.
  • Up to 4 weeks of bereavement leave.
  • 2 volunteer days off and 2 professional development days off.
  • 12 weeks of paid parental leave for all parents.
  • Medical, dental, and vision coverage with 75–95% employer cost coverage for employees and dependents.
  • Competitive target annual compensation of $131,250 to $235,156 plus equity and bonus potential.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

GuidePoint Security

Senior Application Security Consultant, Strategic Services- Remote (Anywhere in the U.S.)

GuidePoint Security 251-1K Internet Software & Services

GuidePoint Security is hiring a Senior Application Security Consultant to deliver client-facing application security assessments and advisory services across industries.

United States Full-time Senior Application Security Engineer
C# C++ DevSecOps Encryption Generative AI Java JavaScript PHP Python
9 hours, 50 minutes ago
instacart.careers

Senior Product Security Engineer II

instacart.careers 1K-5K Internet Software & Services

Instacart is hiring a Security Engineering professional to conduct offensive security work across its products and internal tools while helping strengthen product security and privacy at scale.

United States Full-time Senior Application Security Engineer
$192k-$242k
Penetration Testing
3 days, 9 hours ago
GuidePoint Security

Application Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)

GuidePoint Security 251-1K Internet Software & Services

GuidePoint Security is seeking a security engineering professional to help implement and operationalize application security tooling and practices across modern software development environments.

United States Full-time Senior Application Security Engineer
Azure Burp Suite CI/CD CircleCI GitHub Actions Jenkins
4 days, 8 hours ago
instacart.careers

Senior Product Security Engineer II

instacart.careers 1K-5K Internet Software & Services

Instacart is hiring a Security Engineer to join its Security Engineering team and conduct offensive security work across product and internal tools to strengthen the company’s security posture.

Canada Full-time Senior Application Security Engineer
$145k-$152k
Penetration Testing
4 days, 9 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers