e.l.f. Beauty

e.l.f. Beauty is a company dedicated to celebrating the beauty of every eye, lip, and face. With a strong commitment to inclusivity, sustainability, and cruelty-free beauty, they offer a wide range of cosmetics and skincare products. Through strategic ...

Consumer Goods
251-1K
Founded 2004
$229M raised

Description

  • Perform manual and automated security assessments of web, mobile, and cloud applications.
  • Collaborate with development and engineering teams to embed security into the SDLC and DevSecOps practices.
  • Conduct secure code reviews, threat modeling exercises, and risk assessments to identify application design weaknesses.
  • Implement and manage application security tools such as SAST, DAST, SCA, and IAST.
  • Design and enforce security policies, standards, and procedures for application development.
  • Monitor, triage, and respond to application-layer vulnerabilities and incidents.
  • Work with QA and engineering teams to drive security testing and fix validation.
  • Lead incident response efforts for application-related security events.
  • Conduct developer training and promote a security-first culture within engineering.
  • Cross-train team members on application security principles and contribute to broader corporate security efforts.

Requirements

  • 8+ years of overall experience.
  • Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent experience.
  • 5+ years of experience in application security, secure software development, and penetration testing.
  • Strong understanding of web technologies including HTML, JavaScript, Python, and REST APIs.
  • Experience with security tools for code security and bug bounty programs, including integration into CI/CD pipelines for automated security testing.
  • Familiarity with OWASP Top 10, SANS Top 25, CWE, CVE, and secure coding practices.
  • Knowledge of cloud environments such as AWS, Azure, and GCP, including their security features.
  • Strong communication and interpersonal skills with the ability to collaborate with technical and non-technical stakeholders.
  • Industry certifications such as CSSLP, GWAPT, OSCP, or CEH are preferred.
  • Experience with container security and CI/CD pipeline integration is preferred.
  • Familiarity with regulatory and compliance frameworks such as SOC 2, ISO 27001, and PCI DSS is preferred.
  • Prior experience working in agile, DevOps, or fast-paced development environments is preferred.

Similar Roles

Senior Product Security Engineer II

instacart.careers 1K-5K Internet Software & Services

Instacart is hiring a Security Engineering professional to conduct offensive security work across its products and internal tools while helping strengthen product security and privacy at scale.

Penetration Testing
2 days, 7 hours ago

Application Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)

GuidePoint Security 251-1K Internet Software & Services

GuidePoint Security is seeking a security engineering professional to help implement and operationalize application security tooling and practices across modern software development environments.

Azure Burp Suite CI/CD CircleCI GitHub Actions Jenkins
3 days, 6 hours ago

Senior Product Security Engineer II

instacart.careers 1K-5K Internet Software & Services

Instacart is hiring a Security Engineer to join its Security Engineering team and conduct offensive security work across product and internal tools to strengthen the company’s security posture.

Penetration Testing
3 days, 7 hours ago

DevSecOps Lead

Workleap 251-1K Internet Software & Services

Workleap is hiring a DevSecOps Lead to embed security into its AI-enabled SDLC, CI/CD pipelines, and Azure-based product development workflows across its Workleap and ShareGate platforms.

Azure Bash C# CI/CD DevSecOps GitHub Actions .NET OAuth OpenID Connect Python SAML
6 days, 7 hours ago
