The Senior Application Security Engineer will lead the application security program, ensuring secure development practices and guiding teams in security considerations during feature design and implementation.
While we're proud of what we've already accomplished, we're searching for new collaborators to help us get to the next level! If you're looking to join a forward-thinking, rapidly growing organization with helping people as its number one goal, we want to hear from you.
As our Senior Application Security Engineer, you will be the primary owner and driver of our application security program. You’ll work hands‑on with engineering teams to embed secure development practices, improve tooling and automation, and guide security considerations for new features, architectures, and services.
This is a high‑impact role where you’ll shape the future of AppSec at a company that values security as a core part of product quality.
What You’ll Do
Application Security Ownership
- Lead and evolve the company’s application security strategy, roadmap, and day‑to‑day operations.
- Serve as the primary AppSec partner for numerous dev teams working on Ruby on Rails web apps, React Native mobile apps, and various other projects including Python and Go.
- Provide security guidance during design, development, and code review for new features and projects.
- Drive adoption of secure coding practices and threat‑modeling across engineering teams.
Tooling & Automation
- Manage and optimize existing AppSec tooling, including:
- GitHub Advanced Security (SAST, SCA, Secret Scanning)
- Invicti (DAST)
- Hadrian (ASM)
- AppDome (mobile application security)
- Cloudflare WAF
- Improve automation and integration of security tools into CI/CD pipelines.
- Identify and implement additional tools or processes to strengthen the security posture.
Secure SDLC & Developer Enablement
- Build and maintain secure development standards, playbooks, and training materials.
- Partner with engineering teams during sprint planning and feature design to proactively address risks.
- Conduct security reviews, code assessments, and vulnerability triage with development teams.
Cloud & DevOps Collaboration
- Work with DevOps to ensure secure AWS infrastructure deployments and configurations.
- Contribute to hardening efforts across ECS, IAM, networking, and supporting cloud services.
- Assist in designing and maintaining secure CI/CD workflows.
Incident & Vulnerability Management
- Lead or support investigation and remediation of application‑level vulnerabilities.
- Monitor, prioritize, and track findings from SAST/DAST/ASM tools.
- Collaborate with engineering to ensure timely and effective remediation.
Similar Jobs
Fintech • Machine Learning • Mobile • Security • Software
The Senior Application Security Engineer will enhance security for mobile and backend applications, perform testing, review architectures, and collaborate with teams to embed security in development processes.
Top Skills:
AndroidGoiOSPythonRuby
Artificial Intelligence • Cloud • Computer Vision • Hardware • Internet of Things • Software
The Senior Application Security Engineer will manage vulnerability programs, refine scanning tools, collaborate with engineering teams, and assist in security incident investigations to enhance overall security operations.
Top Skills:
AWSAws LambdaDynamic Application Security TestingGoPythonSemgrepSoftware Composition AnalysisStatic Application Security TestingTerraformTinesWiz
Aerospace • Artificial Intelligence • Hardware • Machine Learning • Software • Defense • Manufacturing
The Senior Application Security Engineer will implement security controls for space systems, ensuring compliance with government standards while collaborating with engineering teams to enhance security practices and respond to threats.
Top Skills:
AWSAzureBicepC++ElixirGCPJavaScriptKubernetesPulumiPythonTerraform
What you need to know about the San Francisco Tech Scene
San Francisco and the surrounding Bay Area attracts more startup funding than any other region in the world. Home to Stanford University and UC Berkeley, leading VC firms and several of the world’s most valuable companies, the Bay Area is the place to go for anyone looking to make it big in the tech industry. That said, San Francisco has a lot to offer beyond technology thanks to a thriving art and music scene, excellent food and a short drive to several of the country’s most beautiful recreational areas.
Key Facts About San Francisco Tech
- Number of Tech Workers: 365,500; 13.9% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Google, Apple, Salesforce, Meta
- Key Industries: Artificial intelligence, cloud computing, fintech, consumer technology, software
- Funding Landscape: $50.5 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Sequoia Capital, Andreessen Horowitz, Bessemer Venture Partners, Greylock Partners, Khosla Ventures, Kleiner Perkins
- Research Centers and Universities: Stanford University; University of California, Berkeley; University of San Francisco; Santa Clara University; Ames Research Center; Center for AI Safety; California Institute for Regenerative Medicine
