Source Job

20 jobs similar to Senior Application Security Engineer II

Jobs ranked by similarity.

US

  • Secure AI systems and use AI to scale security, conducting security reviews and threat modeling of AI-integrated product features.
  • Deliver end-to-end application security reviews for high-risk features, working directly with engineering teams to surface and close risk.
  • Advance CI/CD pipeline security by operating and evolving security scanning controls in GitLab pipelines.

Smartsheet empowers teams to manage work and scale solutions by uniting human teams with AI agents. They are a large company with over 20 years of experience, fostering a culture where ideas are heard and contributions have real impact.

India

  • Partner with engineering, product, and DevOps teams to integrate security practices throughout the SDLC, focusing on cloud-native environments and automated pipelines.
  • Design, implement, and maintain security tooling and gates within CI/CD pipelines covering SAST, DAST, SCA, secrets detection, and container scanning.
  • Lead threat modeling, conduct application security assessments including code review and manual penetration testing, and triage bug bounty reports.

Hyland is the pioneer of the Content Innovation Cloud, delivering ubiquitous enterprise intelligence to organizations. With a team of nearly 4,000 employees, the company fosters an employee-centric culture focused on community impact and innovation.

US

  • Lead implementation and optimization of AppSec tools such as SAST, DAST, and SCA across client environments.
  • Conduct manual application and API security assessments, identifying vulnerabilities and recommending remediation strategies.
  • Advise clients on secure SDLC practices and integrate security tools into CI/CD pipelines.

The company is a cybersecurity consulting firm that helps organizations design and operationalize application security programs. It operates with a remote-first culture and a collaborative, client-facing team.

Global Unlimited PTO

  • Conduct application security reviews including threat modeling, code review, and risk assessment for new features.
  • Perform and improve SAST/DAST operations, triage, validation, and remediation tracking in CI/CD pipelines.
  • Apply and improve AI security review processes for LLM-integrated features and agentic attack surfaces.

Monarch is a powerful, all-in-one personal finance platform designed to simplify money management. They are a fully remote team of do-ers led by experienced entrepreneurs, passionate about building a product people love.

Europe

  • Define security requirements and design application architectures following a secure-by-default approach.
  • Conduct threat modeling, code reviews, and penetration testing on cloud-based web and mobile apps.
  • Implement, manage, and automate SAST/DAST/SCA security controls and WAF rules to enforce protection at scale.

Prima is a motor insurance company that uses data and technology to provide a great experience for drivers. They are trusted by over 5 million drivers and have over 350 engineers in their Engineering department, fostering a culture of curiosity and collaboration.

Canada

  • Lead a specialized team of security engineers focused on application, cloud, and AI system security.
  • Champion shift-left security practices including threat modeling, secure code review, and developer training.
  • Define cloud security standards and enforce security for AI systems including LLM-based agents.

Acquia empowers ambitious brands to create digital customer experiences using open source Drupal. Headquartered in Boston, MA, it is a Great Place to Work-Certified company and among the world's top software companies.

$120,000–$154,440/yr
US 12w maternity 12w paternity

  • Architect, design, and implement end-to-end security solutions including firewalls, intrusion detection, and cloud security controls.
  • Collaborate with DevOps to integrate security into CI/CD pipelines and automate secure deployments.
  • Conduct regular security assessments, threat modeling, and architecture reviews to identify risks and design mitigations.

Figure is transforming capital markets through blockchain, powering real products used by hundreds of thousands of consumers and institutions. With over 170 partners and $22 billion in home equity loans originated, Figure is the largest non-bank provider of home equity financing in the U.S., recognized as one of Forbes' Most Innovative Fintech Startups in 2025.

US 5w PTO

  • Own key security domains such as vulnerability management, application security, API security, and supply chain security.
  • Partner with engineering teams to integrate security into design reviews, threat modeling, CI/CD pipelines, and developer workflows.
  • Develop and improve security tooling and automation to reduce manual effort and leverage AI for triage and detection.

NinjaTrader is an industry-leading trading platform and futures broker that empowers traders with award-winning software and brokerage services. Since 2003, the company has grown to over 2 million users and is the number one rated futures brokerage worldwide, fostering a dynamic culture focused on social connection, professional development, and employee recognition.

$60,000–$211,000/yr
Canada

  • Embed secure-by-design principles across cloud, SaaS, and AI-driven systems.
  • Lead threat modeling sessions and security design reviews for applications, APIs, and microservices.
  • Define security standards, mentor engineers, and drive organization-wide risk reduction programs.

Jobgether uses an AI-powered matching process to connect candidates with hiring companies quickly and objectively. They are a remote-first, globally distributed company with an inclusive engineering culture.

$190,800–$267,100/yr
US

  • Review and threat model AI-powered product features, LLM integrations, and agentic workflows before launch.
  • Build reusable AI security primitives like guardrails, scanners, and policy checks to secure AI development.
  • Design security tooling to detect and prevent prompt injection, jailbreaks, and data leakage in AI systems.

Reddit is a community of communities built on shared interests, passion, and trust, hosting open conversations. With over 100,000 active communities and 126 million daily active users, it is one of the largest sources of information online.

US 4w PTO

  • Lead application security reviews, threat modeling, and secure code review for new features and significant product changes.
  • Operate and improve SAST, DAST, and SCA tooling, triage findings, and partner with engineering teams to harden the codebase.
  • Plan and execute internal penetration tests against web applications, APIs, and mobile clients, and own the vulnerability management lifecycle.

ButterflyMX empowers people to automate property access, operations, and security from a single platform, serving over 20,000 properties worldwide. As a distributed, primarily remote workforce, they seek intelligent, passionate, and collaborative individuals driven by a shared commitment to excellence and innovation.

$175,000–$200,000/yr
United States Dominican Republic Canada

  • Lead application and product security across Forward-built, third-party, and AI-built software.
  • Evolve the pentest program to aggressively test and remediate vulnerabilities in existing and new software.
  • Build and integrate AI solutions within the appsec function.

Forward Financing is a financial technology company that unlocks capital for small businesses across America. Recognized as a Best Place to Work, it invests in employees, technology, and customer experience with a long-term focus.

$131,250–$150,000/yr
United States Canada Dominican Republic Unlimited PTO

  • Lead application and product security across Forward-built, third-party, and AI-built software.
  • Evolve the pentest program and proactively build AI solutions within the appsec function.
  • Own remediation workflows and partner with teams to build controls for external exposure.

Forward Financing is a financial technology company that unlocks capital for small businesses across America. They are a recognized Best Place to Work with a remote-first culture and team members across the US, Canada, and Dominican Republic.

$145,000–$175,000/yr
United States

  • Strengthen company-wide security posture through hands-on engineering, collaboration, and pragmatic standards, focusing on application security, cloud and infrastructure security, and secure development practices.
  • Define and implement scalable security standards supporting SOC 2 readiness through practical, automated, and auditable solutions, partnering with Engineering, Infrastructure, IT, Product, Legal, and other teams.
  • Build and maintain internal security tools, automation, and services that support secure development, compliance workflows, vulnerability management, and operational visibility.

Later is the world’s most intelligent influencer marketing company, built to give brands the confidence to create unforgettable campaigns by combining real creator relationships, trusted intelligence, and expert guidance. Trusted by leading enterprise brands including Nike, Wayfair, Unilever, and Southwest Airlines, Later bridges creativity and performance so campaigns deliver results.

Mexico

  • Drive security engineering initiatives and embed security across engineering teams.
  • Manage threats and respond to incidents with advanced automation and AI agents.
  • Architect secure solutions for AI/ML workloads and mentor team members.

EarnIn is a pioneer of earned wage access, building products that deliver real-time financial flexibility for those living paycheck to paycheck. They have an experienced leadership team and world-class funding partners, and are growing fast with a healthy core business.

$125,000–$152,000/yr
US

  • Bridge the gap between traditional infrastructure security and modern DevSecOps, defining secure-by-design frameworks and implementing high-impact DevSecOps pipelines across multi-cloud environments.
  • Lead critical security reviews for emerging technologies, including artificial intelligence, and act as a collaborative partner to internal teams fostering proactive security and cyber vigilance.
  • Manage security lifecycles within multi-cloud environments, own the end-to-end vulnerability management program, and leverage SIEM platforms for real-time threat intelligence.

NPR is a thriving, mission-driven multimedia organization that produces award-winning news, information, and music programming in partnership with hundreds of independent public radio stations across the nation. They are innovators and leaders in diverse fields, from journalism and digital media to IT and development, committed to building an inclusive workplace where collaboration is essential and diverse voices are heard.

$200,000–$220,000/yr
US

  • Embed security into every stage of software delivery across multi-cloud environments (AWS, Azure) as a hands-on technical leader.
  • Architect secure, scalable infrastructure, set engineering standards, and mentor a team of DevSecOps engineers.
  • Champion a shift-left security culture, integrate AI-powered tooling, and partner with cross-functional teams to align secure cloud solutions with business objectives.

ComPsych is the worldwide leader in organizational mental health, well-being, and absence management, dedicated to igniting human potential in workplaces across the globe. For over 40 years, they have combined technology with human expertise to support more than 75,000 customers worldwide, touching over 160 million lives across 200 countries.

$150,600–$150,600/yr
US Unlimited PTO

  • Design and build the AI security control plane to enable safe adoption of AI across the enterprise.
  • Partner with engineering and security teams to modernize the SDLC for an AI-enabled world.
  • Drive technical leadership by translating emerging AI risks into actionable engineering strategies.

Granicus provides cloud-based solutions for government communications, website design, meeting management, and digital services. With over 5,500 government agency clients, 300 million citizen subscribers, and a remote-first culture, it has been consistently recognized on the GovTech 100 list.

US

  • Provide strong leadership as a security thought leader across Delinea's product offerings.
  • Perform end-to-end security architecture reviews and threat modeling.
  • Maintain and mature Product Security tooling such as SAST, SCA, DAST, ASPM.

Delinea is a pioneer in securing human and machine identities through intelligent, centralized authorization. They are a global team of passionate problem-solvers, with a culture of innovation, respect, and fairness.

Canada

  • Design and ship scalable security solutions to bridge the gap between security and engineering teams.
  • Build cooperative partnerships with product and engineering teams to integrate robust security capabilities at scale.
  • Drive security risk reduction through technical leadership, security reviews, and mentorship across engineering teams.

Twilio is a communications platform that delivers innovative solutions to hundreds of thousands of businesses and empowers millions of developers worldwide to craft personalized customer experiences. The company has a remote-first work culture with a strong focus on connection, global inclusion, and diverse experiences, making a global impact each day.