Trail of Bits

Trail of Bits is a leading company specializing in computer and network security. Since 2012, they have been helping secure the world's most targeted organizations and products by combining high-end security research with a real-world attacker mentalit...

Internet Software & Services
51-250
Founded 2012

Description

  • Lead security assessments for specific components, modules, or systems within larger client engagements.
  • Find and validate vulnerabilities in application code and systems, including tracing root causes and assessing impact.
  • Develop proof-of-concept code when needed to demonstrate exploitation paths.
  • Design and build custom security testing tools and automation for vulnerability detection.
  • Conduct threat modeling and architecture reviews of software systems.
  • Identify attack surfaces, data flows, and security boundaries, and propose concrete mitigations.
  • Translate technical findings into clear, actionable recommendations for client engineering teams.
  • Own client communication for the component of work you are responsible for.
  • Contribute to security research initiatives and document findings.
  • Collaborate with senior engineers while owning pieces of client engagements end to end.

Requirements

  • 0–2 years into a security career, or background in software engineering with a strong security foundation.
  • Demonstrable vulnerability research capability through CTF wins, published CVEs, bug bounty finds, or security research.
  • Ability to read complex code, trace execution, identify logic flaws, and determine whether an issue is truly exploitable.
  • Fluency in at least two of Rust, Go, C, C++, Python, JavaScript, TypeScript, or similar languages.
  • Understanding of memory corruption vulnerabilities such as buffer overflows and use-after-free, and mitigations such as stack cookies, ASLR, NX/DEP, CFI, and MTE.
  • Deep familiarity with operating systems, IPC, privilege boundaries, and system internals.
  • Ability to work autonomously, drive your own analysis, and own pieces of engagements from start to finish.
  • Clear technical communication skills and the ability to explain and defend security findings to engineers.
  • Preferred: active CTF participation, recent rankings, or team involvement.
  • Preferred: published vulnerability research, open source security contributions, mobile security experience, technical writing, cloud security experience with AWS, GCP, or Azure, and experience with Kubernetes, Helm, Terraform, or Ansible.
  • Preferred: kernel or other low-level development experience.

Benefits

  • Base salary range of $100,000 to $160,000, excluding benefits and potential bonuses.
  • Performance-based bonuses.
  • Fully company-paid health, dental, vision, disability, and life insurance.
  • 401(k) with a 5% company match.
  • 20 days of paid vacation with flexibility for more, subject to jurisdictional regulations.
  • 4 months of parental leave.
  • $1,000 work-from-home stipend.
  • $750 annual learning and development stipend.
  • $10,000 relocation assistance for candidates moving to New York City.
  • Philanthropic contribution matching up to $2,000 annually.
  • Company-sponsored all-team celebrations with travel and accommodation covered.
