Company
Digital & Digital Commerce
SeniorApplicationSecurityEngineer
Neural analysis suggests this role is
optimal for Senior candidates.
“Senior Application Security Engineer. Skills: Application Security, Secure Software Development, Penetration Testing, Security Assessments, DevSecOps. Securing applications throughout the software development lifecycle (SDLC). Identifying vulnerabilities”
What You'll Achieve.
Ensure our applications are robust, secure, and compliant with relevant standards
Industry & Context.
Identifying vulnerabilities; Remediating risks; Risk assessments
What They're Looking For.
Must Have
8+ years of experience, Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience), 5+ years in application security, secure software development, and penetration testing, understanding of web technologies (HTML, JavaScript, Python, REST APIs, etc. ), Experience with security tools for code security, bug bounty programs, and the ability to integrate them into CI/DC pipelines for automated security testing, Familiarity with OWASP Top 10, SANS Top 25, CWE, CVE, and secure coding practices, Knowledge of cloud environments (AWS, Azure, GCP) and their security features, communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical stakeholders
Nice to Have
Industry certifications such as CSSLP, GWAPT, OSCP, or CEH, Experience with container security and CI/CD pipeline integration, Familiarity with regulatory and compliance frameworks (e. g. , SOC 2, ISO 27001, PCI DSS), Prior experience working in agile, DevOps, or fast-paced development environments
What You'll Do.
Securing applications throughout the software development lifecycle (SDLC)
Identifying vulnerabilities
Working with development teams to remediate risks
Implementing security best practices and tools
Performing manual and automated security assessments of web
and cloud applications
Collaborating with development and engineering teams to embed security into SDLC (DevSecOps)
Conducting secure code reviews
threat modeling exercises
Implementing and managing application security tools
Designing and enforcing security policies
and responding to application-layer vulnerabilities and incidents
Working closely with QA and engineering teams to drive security testing and fix validation
Leading the Incident Response effort for application-related security events
Staying current on the latest security threats
and industry's best practices
Conducting developer training and promoting a security-first culture
Cross-training team members on Application Security principles
Actively participating in broader corporate security efforts
How You'll Work.
Team & Collaboration
Working with development teams to remediate risks; Collaborate with development and engineering teams to embed security into SDLC (DevSecOps); Work closely with QA and engineering teams to drive security testing and fix validation; Collaborate effectively with technical and non-technical stakeholders; Cross-train team members on Application Security principles; Actively participate in the broader corporate security efforts
Communication Scope
Communication and interpersonal skills; Ability to collaborate effectively with technical and non-technical stakeholders
Full Job Description
## Description We are seeking a highly skilled and proactive Senior Application Security Engineer to join our growing security team. You will be responsible for securing our applications throughout the software development lifecycle (SDLC). This includes - identifying vulnerabilities, - working with development teams to remediate risks, and - implementing security best practices and tools to ensure our applications are robust, secure, and compliant with relevant standards. ## Responsibilities Perform manual and automated security assessments of web, mobile, and cloud applications Collaborate with development and engineering teams to embed security into SDLC (DevSecOps) Conduct secure code reviews, threat modeling exercises, and risk assessments to identify security weaknesses in application design. Implement and manage application security tools (SAST, DAST, SCA, IAST) Design and enforce security policies, standards, and procedures for application development Monitor, triage, and respond to application-layer vulnerabilities and incidents Work closely with QA and engineering teams to drive security testing and fix validation Lead the Incident Response effort for application-related security events. Stay current on the latest security threats, vulnerabilities, and industry's best practices Conduct developer training and promote a security-first culture within engineering Cross-train team members on Application Security principles. Actively participate in the broader corporate security efforts, including infrastructure security, end-user training, and vulnerability management. ## Rquirements Overall 8+ years of experience Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience). 5+ years in application security, secure software development, and penetration testing. Strong understanding of web technologies (HTML, JavaScript, Python, REST APIs, etc.). Experience with security tools for code security, bug bounty programs, and the a
Applying for this Senior Application Security Engineer role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Lever
- Lever uses a streamlined one-page form — apply in under 5 minutes.
- LinkedIn import works well; review parsed data before submitting.
- The cover letter field is optional but visible to reviewers — use it to differentiate.
- Referral codes from employees can significantly boost visibility of your application.
ANONYMOUS · UNFILTERED
What do employees actually say about this company?
Real rants from real employees. Read before you apply.