RemoteLeaf Logo
Log in Sign up

Senior Application Security Engineer

3 days, 11 hours ago
Canada
Full-time
Senior
Application Security Engineer
Cybersecurity
AWS GraphQL gRPC Kotlin Kubernetes Penetration Testing Python
Apply Now
Brex

Brex

Brex is an AI-powered spend platform that offers integrated corporate cards, expenses, travel, and payments in over 100 countries. With a unified platform for corporate cards, expense management, reimbursements, travel, business accounts, and bill pay,...

Diversified Financial Services
1K-5K
Founded 2017
$1800M raised
View All Jobs 11

Description

  • Identify vulnerabilities across the Brex platform, demonstrate business impact, and communicate risk to support prioritization.
  • Perform penetration testing and design reviews to uncover vulnerabilities and insecure designs.
  • Partner with engineering and product teams to design secure product features.
  • Build, maintain, and improve internal tools that automate security efforts and support secure development workflows.
  • Run static and dynamic security testing, including SAST and DAST, for the Brex platform.
  • Support secure development practices across the organization.
  • Collaborate with Security Operations, GRC, Product Security, Front End Platform, and IT Infrastructure teams.
  • Build a culture of collaborative security excellence through technical leadership, learning sessions, and mentorship.
  • Help identify attack vectors and secure novel AI and agentic features across Brex products.

Requirements

  • 5+ years of experience in an Application Security or related role.
  • Proven ability to find vulnerabilities in complex systems and demonstrate business impact through custom attack chains.
  • Experience with secure development practices such as threat modeling, developer education, and incident response.
  • Knowledge of Python, scripting languages, and AI/agentic workflows to automate tasks and build tools.
  • Strong written and verbal communication skills.
  • Collaborative mindset and ability to work effectively across functions.
  • Proficiency with Kotlin, gRPC, GraphQL, and Kubernetes is a plus.
  • Previous experience as a software engineer is a plus.
  • Consultancy experience performing web application security reviews is a plus.
  • Experience securing distributed systems in AWS and cloud environments is a plus.
  • Experience with pentesting and securing agentic features and systems is a plus.
  • Contributions to the wider technical community, such as open source, research, mentorship, blogging, CVEs, or presentations, are a plus.
  • Experience submitting to bug bounty programs or responsible disclosure programs is a plus.

Benefits

  • Hybrid work setup based in the Vancouver office with at least three coordinated in-office days per week.
  • Up to four weeks per year of fully remote work.
  • Expected salary range of $192,000 to $240,000 CAD.
  • Potential equity and other forms of compensation as part of the total package.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Abnormal AI

Senior Software Engineer - Data Security

Abnormal AI Internet Software & Services

Senior Software Engineer, Data Security at Abnormal AI responsible for leading design and implementation of the customer data security and privacy platform to keep sensitive data safe as the company expands into new products, regions, and integrations.

United States Canada Full-time Senior Application Security Engineer
$180k-$258k
GitHub Go Network Security Python Salesforce System Design
19 hours, 45 minutes ago
GuidePoint Security

Application Security Analyst- Remote (Anywhere in the U.S.)

GuidePoint Security 251-1K Internet Software & Services

Application Security Analyst at GuidePoint Security joining the Application Security team to perform assessments and client engagements that identify vulnerabilities, deliver actionable reports, and help clients mature their application security capabilities.

United States Full-time Junior Application Security Engineer
Burp Suite C# C++ DevSecOps IoT Java JavaScript Penetration Testing PHP Postman Python
1 day, 4 hours ago
Zimperium

Detection Researcher (iOS Focused)

Zimperium 251-1K Professional Services

Zimperium is hiring a remote Detection Researcher focused on iOS to research and build advanced mobile threat detection techniques that protect enterprise devices against jailbreak, hooking, tampering, and other compromise methods.

Latvia United Kingdom Netherlands Romania Spain Germany Argentina Hungary Italy Full-time Senior Application Security Engineer
C iOS Objection Objective-C Penetration Testing Python Swift
3 days, 11 hours ago
Raya

Sr. Product Security Engineer

Raya 51-250 Internet Software & Services

Raya is seeking a Senior Product Security Engineer to secure its iOS application and supporting infrastructure, embedding security throughout the mobile software development lifecycle from design through deployment.

United States Full-time Senior Application Security Engineer
$180k-$220k
AWS Bash CI/CD DevSecOps GitHub Actions iOS Node.js Objective-C Python Swift
3 days, 12 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers