J

Senior Security Engineer - Application Security

Jobgether • United State
Remote
Apply
AI Summary

Lead application security initiatives, collaborate with teams to build secure products, and protect critical systems. Requires offensive security expertise and secure development practices.

Key Highlights
Strengthen security practices across a rapidly growing technology platform
Partner with engineering and product teams to embed security throughout the SDLC
Influence security standards, tooling, and processes at scale
Key Responsibilities
Lead application security assessments, threat modeling sessions, and secure code reviews
Manage and improve security testing programs, including SAST, DAST, SCA, and application security posture management tooling
Plan and execute penetration testing activities
Own the vulnerability management lifecycle
Develop secure coding standards, security guidelines, and training resources
Integrate security tools into CI/CD pipelines
Investigate security incidents and vulnerability reports
Collaborate with product and engineering teams on security architecture decisions
Monitor emerging threats and attack techniques
Technical Skills Required
Application Security Offensive Security Secure Development Practices
Benefits & Perks
Comprehensive medical, dental, and vision insurance
401(k) retirement plan with employer matching
Paid time off including holidays, vacation days, sick days, and floating holidays

Job Description


This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Sr. Security Engineer based in United States.

This role offers the opportunity to strengthen security practices across a rapidly growing technology platform.

You will lead application security initiatives, helping teams build secure products through proactive testing, automation, and collaboration.

The position combines offensive security expertise, secure development practices, and strategic problem-solving to protect critical systems.

You will partner closely with engineering and product teams to embed security throughout the software development lifecycle.

This is an impactful individual contributor role where you will influence security standards, tooling, and processes at scale.

The ideal candidate will be passionate about innovation, automation, and using modern approaches to solve complex security challenges.

Accountabilities

The Sr. Security Engineer will play a key role in advancing application security by identifying risks, improving security practices, and enabling engineering teams to deliver secure solutions. This role requires hands-on expertise across security testing, vulnerability management, secure development, and security automation.

  • Lead application security assessments, threat modeling sessions, and secure code reviews for new features and major product changes.
  • Manage and improve security testing programs, including SAST, DAST, SCA, and application security posture management tooling.
  • Review, prioritize, and coordinate remediation of security findings with engineering teams.
  • Plan and execute penetration testing activities across web applications, APIs, and mobile applications while supporting third-party assessments.
  • Own the vulnerability management lifecycle, from discovery and prioritization through remediation validation.
  • Develop secure coding standards, security guidelines, and training resources to improve developer awareness.
  • Integrate security tools into CI/CD pipelines and promote shift-left security practices across the software development lifecycle.
  • Investigate security incidents, vulnerability reports, and bug bounty submissions while providing root cause analysis and remediation recommendations.
  • Collaborate with product and engineering teams on security architecture decisions and secure implementation strategies.
  • Monitor emerging threats, vulnerabilities, and attack techniques to continuously improve security capabilities.
  • Leverage AI tools and automation approaches to improve security workflows, including threat modeling, vulnerability analysis, exploit validation, and risk prioritization.

Requirements

The ideal candidate will bring strong application security experience combined with offensive security skills and the ability to communicate effectively across technical and business teams. This role requires someone who can independently solve complex security challenges while helping teams adopt secure engineering practices.

  • 5+ years of experience in application security with hands-on experience across secure software development lifecycle practices and offensive security testing.
  • Strong understanding of web application and API security principles, including OWASP, MITRE, CIS frameworks, and modern attack techniques.
  • Experience operating and managing security testing tools such as SAST, DAST, SCA, or ASPM platforms.
  • Proficiency in scripting or programming languages such as Python, JavaScript, Go, Ruby, or similar for code reviews and security tooling development.
  • Experience designing and executing penetration tests against modern web and mobile applications.
  • Knowledge of cloud security concepts, preferably with AWS experience, along with familiarity with GCP, OVH, containers, and Kubernetes security.
  • Experience working in compliance-focused environments such as SOC 2 or similar regulated frameworks.
  • Strong written and verbal communication skills with the ability to explain technical risks to non-technical stakeholders.
  • Ability to work independently, prioritize effectively, and collaborate with distributed engineering teams.
  • Experience using AI tools to improve security operations, automate analysis, and enhance productivity is highly valued.
  • Relevant certifications such as OSCP, GWAPT, GPEN, CEH, or equivalent are a plus.

Benefits

  • Comprehensive medical, dental, and vision insurance plans with employer coverage starting on day one.
  • 401(k) retirement plan with employer matching.
  • Paid time off including holidays, vacation days, sick days, and floating holidays.
  • Employer-paid basic life insurance and accidental death & dismemberment coverage.
  • Short-term and long-term disability coverage.
  • Paid family leave.
  • Employee Assistance Program.
  • Quarterly self-care stipends.
  • Access to additional benefits including FSA, HSA, dependent care benefits, commuter benefits, supplemental insurance options, legal support, and more.
  • Remote-first work environment with flexibility and opportunities to collaborate with a distributed team.
  • Opportunity to shape security strategy and influence engineering practices as a senior security contributor.

How Jobgether Works

We use an AI-powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top-fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

Why Apply Through Jobgether?

Data Privacy Notice: By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre-contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.


Similar Jobs

Explore other opportunities that match your interests

Red Team Engineer / Offensive Security Lead

Cyber Security
•
2h ago
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Mid-Senior level

Jobgether

United State

Cybersecurity Defense Expert (AI Training)

Cyber Security
•
2h ago
Visa Sponsorship Relocation Remote
Job Type Contract
Experience Level Not Applicable

Alignerr

United State
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Not Applicable

Jobgether

United State

Subscribe our newsletter

New Things Will Always Update Regularly