Applications Security Engineer

Role Overview ClearCapital is looking for an Application Security Engineer to help strengthen the security of our applications. This fully remote position is open to candidates based in the US. What You Will Do Perform comprehensive security testing on web and mobile applications, microservices, infrastructure code, and open-source components. Identify and report on design or configuration weaknesses that could be exploited. Collaborate with development teams, product managers, and the information security group to assess risks and conduct security reviews. Deliver clear, actionable recommendations to address vulnerabilities. Educate engineers on secure coding practices and help build a culture focused on application security awareness. Collaboration and Impact This role works closely with technical and product teams across the organization. The Application Security Engineer not only helps uncover and address vulnerabilities, but also supports ongoing education and awareness around secure development practices.

Join Contentful as an Application Security Engineer, where you will be instrumental in safeguarding our applications and services. You will work collaboratively with our development teams to implement security best practices and protect our customers' data.

Join Canary Technologies as a Senior Application Security Engineer and play a pivotal role in embedding security within our software development lifecycle. You will collaborate closely with development teams to ensure secure design becomes the standard practice. This position involves taking ownership of application security tooling and automation while working alongside Site Reliability Engineers (SREs), infrastructure, and data engineers to maintain a secure, scalable platform. Our engineering team operates fully remotely, allowing for flexibility and innovation in a fast-paced environment.

Role overview Webflow is hiring a Senior Application Security Engineer. This remote role is open to candidates in California (BC & ON only) and across the U.S. What you will do Work closely with teams across the company to spot, evaluate, and address security risks in Webflow’s applications. Develop and apply security best practices to strengthen application defenses. Help shape and advance Webflow’s overall security strategy.

About Our Team:The Information Security organization at Rubrik is dedicated to enhancing our security posture through strategic initiatives and the management of extensive security projects. We develop cutting-edge technologies, tools, and processes that empower teams to create secure software and safeguard data and systems with robust security measures. Our team also focuses on creating systems for monitoring and responding to threats, providing security awareness training, and establishing secure data-sharing practices with third parties to protect Rubrik’s critical information.About The Role:Rubrik is on the lookout for an Application Security Engineer who will play a key role in ensuring our products and services meet the highest security standards. In this capacity, you will collaborate with diverse stakeholders across the organization to achieve optimal security outcomes in product and feature delivery.Your Responsibilities:Integrate security practices and controls into Rubrik’s secure Software Development Life Cycle (SDLC) while collaborating with Engineering to ensure security is prioritized at every stage of the development process.Conduct thorough security assessments of applications, identifying vulnerabilities through both automated and manual testing methodologies.Provide detailed analyses of identified vulnerabilities to ensure accurate and actionable findings for Engineering teams.Support the implementation of seamless 'shift-left' strategies to proactively address vulnerabilities earlier in the SDLC.Assist in gathering, managing, and reporting key Application Security metrics to track progress and recognize trends.Analyze and enhance existing applications, automation, and deployment procedures for improved security.Participate in security design reviews and threat modeling for upcoming products and feature releases.Collaborate with development teams, operations, governance, and other stakeholders to document security guidelines, processes, and standards for Rubrik's offerings.

Join our dynamic team at Limble as a Senior Application Security Engineer. In this pivotal role, you will be responsible for ensuring the security of our applications and systems, proactively identifying vulnerabilities, and implementing robust security measures. You will collaborate with cross-functional teams to integrate security best practices throughout the software development lifecycle.Your expertise will be essential in conducting security assessments, performing penetration testing, and developing security policies and procedures. We're looking for a passionate individual who is eager to contribute to a culture of security awareness and excellence.

Join our dynamic team at Contentful as an Application Security Engineer. In this critical role, you will be responsible for ensuring the security of our applications and services by implementing robust security practices and conducting thorough assessments. You will work closely with development teams to integrate security into the software development lifecycle, identifying vulnerabilities and providing solutions to mitigate risks.

About Branch Branch helps workers gain financial independence by making it easier for companies to pay them quickly and by offering accessible, no-cost financial services. The team is committed to building inclusive and transparent products that improve the financial lives of working Americans. Ideas and initiative matter here. Employees are encouraged to share their thoughts, those ideas can shape products, culture, and the company’s direction. Branch values diverse perspectives and working styles, aiming to create an environment where everyone can thrive. Role Overview: Senior Application Security Engineer (Remote, US) Branch is hiring a Senior Application Security Engineer to help protect applications, networks, cloud infrastructure, and corporate devices. This role calls for broad security expertise and hands-on experience across multiple domains. The engineer will work closely with teams to build secure systems and processes that support Branch’s mission. What You Will Do Collaborate with Engineering to embed security into the Software Development Life Cycle (SDLC): implement secure design patterns, lead threat modeling, and deliver AppSec training for developers. Plan and conduct application security assessments, including static and dynamic analysis (SAST, DAST), software composition analysis (SCA), and manual code reviews for web, mobile, and API platforms. Strengthen API security for both internal and external services by improving authentication, authorization, rate limiting, and abuse prevention. Manage and improve the vulnerability management program: set prioritization frameworks, track SLAs, and coordinate remediation across teams. Champion software supply chain security, including generating SBOMs, analyzing dependency risks, and reviewing third-party components. Support Governance, Risk, and Compliance (GRC) with technical evaluations of third-party risks and vendor security assessments. Lead incident response efforts from initial detection through resolution and post-incident review. Develop and maintain security policies and procedures, ensuring alignment with industry standards and best practices. Location This position is remote within the United States.

About the Role Join Abnormal AI as a Senior Application Security Engineer and be a key player in developing next-generation, AI-driven cybersecurity applications. In this senior individual contributor role, you will seamlessly integrate security into all stages of our software development lifecycle, conduct thorough security assessments, and collaborate with engineering teams to establish robust architectural defenses. As a technical leader, you will be responsible for shaping security architecture and promoting secure coding practices. You will work closely with engineering stakeholders, providing mentorship to junior engineers and serving as a vital technical liaison across teams to safeguard our applications and clients. This position is ideal for engineers who are intellectually curious and driven to connect security principles with application development.

Join our team as an Application Security Engineer at Palantir Technologies. In this role, you will play a critical part in safeguarding our applications and ensuring robust security measures are in place. You will collaborate with cross-functional teams to identify vulnerabilities, implement security best practices, and enhance our security posture.Your expertise in application security will help us maintain the integrity of our systems and protect sensitive data. We are looking for a proactive individual who is passionate about security and thrives in a dynamic environment.

Why join usAt Brex, we are revolutionizing the way businesses manage their finances through our AI-powered spend platform. We empower organizations, ranging from startups to large enterprises, with integrated corporate cards, banking solutions, and global payment options, complemented by user-friendly software for travel and expenses. Our clientele includes industry leaders like DoorDash, Flexport, and Compass, all of whom benefit from our commitment to proactive spend control, cost reduction, and efficiency improvements worldwide.Joining our team means pushing your boundaries, questioning conventional wisdom, and collaborating with some of the brightest talents in the field. We are dedicated to cultivating a diverse workforce and fostering an inclusive culture where your potential is limited only by your imagination. We provide you with the necessary tools, resources, and support to elevate your career to new heights.Engineering at BrexAt Brex, engineering is about developing scalable systems with purpose and speed. Our diverse teams across Software, Data, Security, and IT function with high autonomy and deep collaboration. We tackle complex technical challenges, take full ownership of our results, and strive for excellence at every stage—from architecture to deployment. Here, engineering is considered a craft, and those who build can become leaders.What you’ll doAs a Senior Application Security Engineer, your primary responsibility will be identifying and responding to security vulnerabilities across the Brex platform. You will conduct code and design reviews, perform penetration testing, and manage vulnerability assessments. Additionally, you will create and maintain tools for static and dynamic testing of our platform while ensuring secure developer workflows. This role is part of our broader Financial Scale organization, requiring close collaboration with Security Operations, GRC, Product Security, Front End Platform, and IT Infrastructure teams.We seek candidates who possess a robust background in penetration testing and a proven track record in discovering vulnerabilities within intricate systems, alongside the ability to craft exploits that highlight business impact. This position is highly collaborative, providing the opportunity to work across all engineering teams at Brex. We value enthusiasm for engaging with diverse roles and backgrounds, as building a top-tier financial service necessitates top-tier security.Brex is at the forefront of the next generation of AI-driven financial services for dynamic, impactful companies, including Coinbase, Robinhood, and Anthropic. As we embark on integrating AI throughout our product suite, you will have the chance to influence and shape our initiatives significantly.

At RegScale, we are redefining how organizations manage their security, risk, and compliance programs through our innovative continuous controls monitoring (CCM) platform. As we evolve from a startup to a robust enterprise-ready engineering organization, we are building a skilled team that will drive this transformation. In our mission to handle sensitive security and regulatory data for both enterprise and government clients, we prioritize security as a fundamental engineering principle embedded in our software development process. The Role We are seeking a highly autonomous and experienced Senior Application Security Engineer who excels in navigating complex engineering landscapes. As the lead application security expert at RegScale, you will identify security risks, develop comprehensive strategies to mitigate them, and drive initiatives from inception to measurable outcomes. You will operate independently without a dedicated team, influencing cross-functional engineering teams to enhance security practices. Your role will encompass collaboration with various engineering disciplines, including Core Engineering, Platform and AI, Compliance as Code, Quality Engineering, SRE, Infrastructure, and external security teams. Your success will be measured by your ability to foster security awareness among engineers and integrate security principles into the design, development, and deployment phases of our software. RegScale serves a diverse clientele, including enterprises and government agencies, adhering to regulatory frameworks such as FedRAMP, NIST, and CMMC. This position reports to the SRE and Infrastructure teams and requires not only deep technical security knowledge but also the influence and ownership mentality necessary to instill security as a shared value across engineering.

Job Summary: The Application Security Engineer will play a pivotal role in enhancing our Secure Development Lifecycle assurance processes and security automation technologies. This individual will spearhead the security hardening strategy across our product offerings while responding to both current and emerging security threats. This position is integral to our Product Security team, collaborating with development teams worldwide to define innovative security capabilities and partnering with organizational leaders to implement comprehensive security initiatives. Job Expectations: Lead cross-functional projects to establish advanced security development lifecycle practices. Conduct security design reviews and threat modeling for both new and existing services at iHerb. Assess, prototype, implement, and manage security-focused tools and services. Create new secure architecture standards, frameworks, and patterns that span multiple layers. Analyze emerging security threats relevant to iHerb and proactively develop centralized mitigations. Evaluate, prototype, implement, and operate security tools and services (DAST, SAST, SCA, etc.). Maintain an up-to-date understanding of current security threats and operational best practices. Participate in our security assessment, penetration testing, and bug bounty programs. Engage in security incident response activities. The responsibilities listed above are intended to provide a general overview of the role and are not exhaustive. Additional duties may be assigned as necessary.

Join our innovative team at Trail of Bits as an Application Security Engineer. In this fully remote role, you will play a crucial part in enhancing the security posture of our applications. Your expertise will help identify vulnerabilities, implement security measures, and collaborate with development teams to ensure secure coding practices. If you're passionate about application security and eager to make a significant impact, we want to hear from you!

Join Arcadia as a Senior Security Engineer specializing in Application Security (AppSec). In this role, you will play a pivotal part in safeguarding our applications and infrastructure by implementing robust security measures and promoting security best practices throughout the development lifecycle. Your expertise will help identify vulnerabilities, devise effective remediation strategies, and enhance our overall security posture. Collaborate with cross-functional teams to ensure security is integrated into every phase of our software development processes.

Join Chime as a Senior Application Security Engineer and play a pivotal role in safeguarding our applications and systems from security threats. In this fully remote position, you will collaborate with cross-functional teams to implement security best practices, conduct code reviews, and ensure compliance with industry standards.Your expertise will help shape our security posture as you design and execute vulnerability assessments and penetration tests. If you are passionate about security and want to make a meaningful impact, we want to hear from you!

Role overview Magic School is hiring a Senior Security Engineer focused on Application and Cloud Security. This position shapes how the company protects its cloud infrastructure and software systems. The role carries responsibility for guiding security improvements and building safeguards into platforms and applications. What you will do Lead efforts to strengthen security across cloud environments and applications Develop and refine security frameworks to support company goals Conduct risk assessments to identify and address vulnerabilities Create and maintain incident response strategies to protect systems and data Advise teams on best practices for maintaining system integrity and safety Location This is a remote role.

Join vCluster Labs as a Senior Application Security Engineer, where you will play a pivotal role in establishing trust within our innovative ecosystem. Your primary responsibility will be to maintain the highest security standards across our products, ensuring that vCluster is recognized as the gold standard for secure Kubernetes multi-tenancy. You will craft comprehensive security strategies that protect our entire codebase and infrastructure.Key Responsibilities:Core Product Security: Conduct thorough security assessments of our core Go-based applications and Kubernetes controllers, focusing on preventing privilege escalation within our multi-tenant architecture.Threat Modeling: Spearhead the threat modeling initiatives for new features, proactively identifying risks associated with shared GPU resources and multi-cloud configurations.Automated Security: Implement early-stage security checks within our CI and developer workflows, optimizing for performance to ensure that security processes do not hinder engineering agility. Additionally, you will oversee both automated and manual scanning of our entire product stack.Vulnerability Management: Manage the lifecycle of security vulnerabilities from discovery to remediation. You will triage reports from both internal and external sources, drive the resolution of critical issues across engineering teams, and communicate effectively with all stakeholders.Feature Development: Contribute to the ideation and development of new features, many of which directly address security concerns such as container isolation and breakout prevention, pushing the boundaries of what is achievable in constrained environments.Developer Training: Simplify complex security topics for all engineers, including emerging attack vectors and secure coding practices.Qualifications:Experience: A minimum of 5 years in Application Security or Product Security, with a solid focus on containerized environments.Kubernetes Expertise: Profound knowledge of Kubernetes architecture, RBAC, and container runtime security, along with an understanding of associated risks.

Join Arcadia, a pioneering global platform that revolutionizes utility data and energy solutions. With our cutting-edge data platform, AI-driven analytics, and extensive partner network, we provide comprehensive solutions for every phase of enterprise energy management, focusing on carbon reduction, cost efficiency, and reliability. Our Enterprise Energy Management Solutions are built on a robust foundational data platform that has been refined over the last decade and deployed in millions of customer facilities. We convert fragmented data and isolated processes into cohesive, enterprise-wide actions, offering solutions such as: Utility Bill Management: Reduce utility expenses and enhance bill management through automated payments, proactive error detection, optimized tariff structures, and budgeting & forecasting. Energy Procurement Advisory: Secure clean energy through a thorough analysis of supply options, including traditional retail and onsite/offsite resources, to effectively manage risks and achieve sustainability objectives. Sustainability Reporting: Meet compliance goals and monitor carbon emissions with standardized energy data and seamless integration with leading sustainability platforms. Addressing our enterprise clients' most pressing energy challenges calls for innovative thinking and diverse perspectives. We are assembling a team of passionate individuals from varied backgrounds and industries. If you are excited about contributing to the clean energy transition, we want to hear how you can uniquely add value to Arcadia!

We are seeking a skilled Security Application Engineer to join our dynamic team at usm2. In this role, you will be responsible for developing and implementing security measures for our applications, ensuring the integrity and safety of our software systems. You will work closely with cross-functional teams to identify vulnerabilities and recommend effective solutions.