e.l.f. Beauty

e.l.f. Beauty is a company dedicated to celebrating the beauty of every eye, lip, and face. With a strong commitment to inclusivity, sustainability, and cruelty-free beauty, they offer a wide range of cosmetics and skincare products. Through strategic ...

Consumer Goods
251-1K
Founded 2004
$229M raised

Description

  • Perform manual and automated security assessments of web, mobile, and cloud applications.
  • Collaborate with development and engineering teams to embed security into the SDLC and DevSecOps practices.
  • Conduct secure code reviews, threat modeling exercises, and risk assessments to identify application design weaknesses.
  • Implement and manage application security tools such as SAST, DAST, SCA, and IAST.
  • Design and enforce security policies, standards, and procedures for application development.
  • Monitor, triage, and respond to application-layer vulnerabilities and incidents.
  • Work with QA and engineering teams to drive security testing and fix validation.
  • Lead incident response efforts for application-related security events.
  • Conduct developer training and promote a security-first culture within engineering.
  • Cross-train team members on application security principles and contribute to broader corporate security efforts.

Requirements

  • 8+ years of overall experience.
  • Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent experience.
  • 5+ years of experience in application security, secure software development, and penetration testing.
  • Strong understanding of web technologies including HTML, JavaScript, Python, and REST APIs.
  • Experience with security tools for code security and bug bounty programs, including integration into CI/CD pipelines for automated security testing.
  • Familiarity with OWASP Top 10, SANS Top 25, CWE, CVE, and secure coding practices.
  • Knowledge of cloud environments such as AWS, Azure, and GCP, including their security features.
  • Strong communication and interpersonal skills with the ability to collaborate with technical and non-technical stakeholders.
  • Industry certifications such as CSSLP, GWAPT, OSCP, or CEH are preferred.
  • Experience with container security and CI/CD pipeline integration is preferred.
  • Familiarity with regulatory and compliance frameworks such as SOC 2, ISO 27001, and PCI DSS is preferred.
  • Prior experience working in agile, DevOps, or fast-paced development environments is preferred.
