RemoteLeaf Logo
Log in Sign up

Security Engineer, Application Security

2 weeks, 6 days ago
United States
Full-time
Senior
Security Engineer
Cybersecurity
Android C C++ Go iOS JavaScript Kotlin macOS Objective-C Python Ruby Rust Swift TypeScript
Apply Now
Trail of Bits

Trail of Bits

Trail of Bits is a leading company specializing in computer and network security. Since 2012, they have been helping secure the world's most targeted organizations and products by combining high-end security research with a real-world attacker mentalit...

Internet Software & Services
51-250
Founded 2012
View All Jobs 11

Description

  • Conduct comprehensive low-level security assessments of client software, including vulnerabilities in system services, access controls, inter-process communication, and platform security controls.
  • Analyze application code to identify vulnerabilities and develop mitigation strategies.
  • Design and implement custom security tools for automated vulnerability detection and security testing.
  • Perform detailed architecture reviews and threat modeling of complex software systems and cloud environments.
  • Assess privilege escalation paths and security boundaries in complex systems.
  • Review application infrastructure, architecture, data flows, authentication mechanisms, and API security.
  • Collaborate with other security engineers on client projects and tool development.
  • Work with the Research & Engineering team on advanced security research and funding efforts that bridge vulnerability research and application security.
  • Provide remediation guidance and clear recommendations to clients based on technical findings.
  • Stay current with developments in application security, vulnerability research, and emerging technologies.

Requirements

  • Extensive experience in software security and identifying or mitigating application and system-level vulnerabilities in complex enterprise software.
  • Demonstrated experience conducting technical security assessments of software, including software and system hardening, security policy analysis, and security implementation.
  • Experience with Android, iOS, and/or macOS system internals is a plus.
  • Deep understanding of system internals and security boundaries.
  • Experience with manual code reviews and static and dynamic analysis tools.
  • Expertise in secure development practices.
  • Experience with binary analysis and reverse engineering.
  • Understanding of memory corruption vulnerabilities and mitigations.
  • Strong knowledge of multiple programming languages such as Rust, Golang, Kotlin, Swift, Objective-C, JavaScript/TypeScript, Python, Ruby, C, and/or C++.
  • Ability to communicate complex security concepts clearly to diverse stakeholders.

Benefits

  • Competitive salary with performance-based bonuses.
  • Fully company-paid health, dental, vision, disability, and life insurance.
  • 401(k) plan with a 5% company match.
  • 20 days of paid vacation with flexibility for more, subject to local regulations.
  • 4 months of parental leave.
  • $10,000 relocation assistance for candidates moving to NYC.
  • $1,000 work-from-home stipend.
  • $750 annual learning and development stipend.
  • Up to $2,000 in annual philanthropic contribution matching.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

AlphaSense

Senior Business Applications Security Engineer

AlphaSense 251-1K Internet Software & Services

AlphaSense is hiring a Senior Business Applications Security Engineer to build and own a centralized security program for its business application ecosystem, spanning SaaS, cloud, and on-premise tools.

India Full-time Senior Application Security Engineer Security Engineer
OAuth Salesforce SAML
10 minutes ago
h

Cybersecurity Engineer - EU/US Timezones

hermeneutic Investments 11-50 Technology, Information and Internet

hermeneutic Investments is seeking a Junior–Mid Cybersecurity Engineer to run day-to-day security operations and strengthen protections across cloud, endpoints, identity, and collaboration systems in its proprietary trading and hedge fund environment.

United States United Kingdom Full-time Mid Level Security Engineer
AWS Azure Cybersecurity GCP OAuth SIEM System Design WAF
25 minutes ago
S

Security Engineer

SymSoft Solutions Web Design, Development, and System Integration

Symsoft Solutions is hiring a remote six-month contract professional to support state and local government web, application, and data services work with prior State of California experience.

United States Contract Senior Security Engineer
$100k-$120k
25 minutes ago
SpaceX

Sr. Security Software Engineer (Starshield)

SpaceX 10K-50K Aerospace & Defense

SpaceX is hiring a Sr. Security Software Engineer for Starshield to secure software and infrastructure supporting government-focused space systems, including communications, sensing, and in-space mesh networks.

United States Full-time Senior Security Engineer
$168k-$230k
C++ Go Network Security Python TCP/IP
25 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers