RemoteLeaf Logo
Log in Sign up

Application Security Engineer

2 weeks, 5 days ago
United States
Full-time
Mid Level
Application Security Engineer
Cybersecurity
AWS CI/CD Docker GitHub Actions GitLab CI GraphQL Jenkins Kubernetes REST API
Apply Now
Arcadia Towers

Arcadia Towers

Arcadia Towers LLC is a cell tower company that develops, owns, and operates wireless communications towers across the U.S. They provide innovative solutions for wireless infrastructure development, connecting communities today and for the future. Arca...

Real Estate
1-10
Founded 2005
View All Jobs 4

Description

  • Own the end-to-end vulnerability management lifecycle across SAST, DAST, and SCA findings.
  • Triage, prioritize, and drive remediation efforts in partnership with engineering squads.
  • Maintain, optimize, and extend security automation and tooling integrations in the CI/CD pipeline.
  • Launch and run a Security Champions program with workshops and office hours across distributed teams.
  • Serve as the application-layer subject matter expert during security incidents, including triage, root cause analysis, and remediation.
  • Partner with Product and Engineering leadership to add security earlier in the SDLC through threat modeling and design reviews.
  • Act as a trusted advisor to engineers and help communicate security risks in a way that drives action.
  • Support the engineering organization by embedding security practices into day-to-day development workflows.

Requirements

  • 3–5 years of dedicated Application Security experience in a SaaS or cloud-native environment.
  • Hands-on proficiency with at least two of the following: SAST, DAST, SCA, or CSPM tooling such as Snyk, Checkmarx, Semgrep, or Wiz.
  • Strong working knowledge of CI/CD pipelines such as GitHub Actions, Jenkins, or GitLab CI, with the ability to write and maintain integrations.
  • Experience with container security using Docker and Kubernetes.
  • Experience with API security patterns including REST and GraphQL.
  • Ability to communicate technical risk to non-security engineers in a clear, action-oriented way.
  • Experience standing up or maturing a Security Champions program is preferred.
  • Familiarity with AWS security services such as GuardDuty, Security Hub, and IAM Access Analyzer is preferred.
  • Exposure to threat modeling frameworks such as STRIDE, PASTA, or similar lightweight methods is preferred.
  • Relevant certifications such as OSCP, GWAPT, or CSSLP are valued but not required.
  • Ability to work remotely from anywhere in the US with a reliable internet connection.
  • Visa sponsorship is not available for this position.

Benefits

  • Remote-first work environment with the flexibility to work anywhere in the US.
  • Flexible PTO with no accrued hours and no limit on vacation days for exempt employees.
  • 12 annual holidays and 10 days of sick leave.
  • Up to 4 weeks of bereavement leave.
  • 2 volunteer days off and 2 professional development days off.
  • 12 weeks of paid parental leave for all parents.
  • Medical, dental, and vision coverage with 75–95% employer cost coverage for employees and dependents.
  • Competitive target annual compensation of $131,250 to $235,156 plus equity and bonus potential.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Bugcrowd

Product Security Engineering Manager

Bugcrowd 1K-5K Internet Software & Services

Bugcrowd is hiring a Product Security Engineering Manager to lead application, platform, and FedRAMP security programs while guiding a distributed team and advancing secure-by-default engineering across the company.

United States Full-time Senior Application Security Engineer
$176k-$242k
AWS Azure CI/CD Cybersecurity Docker GCP Go Java Kubernetes Linux Python Ruby Terraform
14 hours, 48 minutes ago
MongoDB

Senior Product Security Engineer, Server

MongoDB 1K-5K Internet Software & Services

MongoDB is hiring a Product Security professional to strengthen the security of its core database products and customer-facing security features for its Database Server team in Dublin or remotely in Ireland.

Ireland Full-time Senior Application Security Engineer
AWS Azure C++ Encryption GCP MongoDB Penetration Testing Secrets Management
19 hours, 29 minutes ago
MongoDB

Director, Identity & Security Product Management

MongoDB 1K-5K Internet Software & Services

MongoDB is hiring a Director of Identity and Security Product Management in Canada to lead the strategy and roadmap for IAM and security across its Atlas platform, core database, and related services.

Canada Full-time Executive Application Security Engineer Product Manager
$87k-$110k
AWS Azure GCP JIRA Microservices MongoDB Network Security
20 hours, 57 minutes ago
Backblaze

Sr. Software Engineer - Application Security

Backblaze 251-1K IT Services

Backblaze is hiring an Application Security Engineer to strengthen the security of its cloud storage and backup products by embedding application security into new and existing software across a large, distributed stack.

Mexico Colombia Argentina Costa Rica Full-time Senior Application Security Engineer Software Engineer
C C++ Encryption Go HTTP Java JavaScript Linux Node.js Python REST API TypeScript
21 hours, 9 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers