Source Job

$145,000–$175,000/yr
United States

  • Strengthen company-wide security posture through hands-on engineering, collaboration, and pragmatic standards, focusing on application security, cloud and infrastructure security, and secure development practices.
  • Define and implement scalable security standards supporting SOC 2 readiness through practical, automated, and auditable solutions, partnering with Engineering, Infrastructure, IT, Product, Legal, and other teams.
  • Build and maintain internal security tools, automation, and services that support secure development, compliance workflows, vulnerability management, and operational visibility.

Security Engineering Cloud Security Application Security Software Engineering Compliance

20 jobs similar to Senior Security Engineer

Jobs ranked by similarity.

US

  • Enable software engineering teams to continuously improve the security posture of products and SaaS environments through AppSec and DevSecOps expertise.
  • Serve as the go-to AppSec expert, mentoring engineers on secure design patterns and coding practices while collaborating on threat models and design reviews.
  • Lead automation of vulnerability management tooling across CI/CD pipelines, perform security code reviews, and contribute to compliance strategies.

Hypori is a high-growth cybersecurity SaaS company transforming how organizations think about secure mobility. Backed by $55M in funding from investors including UBS and AE Industrial Partners, the company is expanding into new commercial and regulated markets.

Canada

  • Design and ship scalable security solutions to bridge the gap between security and engineering teams.
  • Build cooperative partnerships with product and engineering teams to integrate robust security capabilities at scale.
  • Drive security risk reduction through technical leadership, security reviews, and mentorship across engineering teams.

Twilio is a communications platform that delivers innovative solutions to hundreds of thousands of businesses and empowers millions of developers worldwide to craft personalized customer experiences. The company has a remote-first work culture with a strong focus on connection, global inclusion, and diverse experiences, making a global impact each day.

India

  • Partner with engineering, product, and DevOps teams to integrate security practices throughout the SDLC, focusing on cloud-native environments and automated pipelines.
  • Design, implement, and maintain security tooling and gates within CI/CD pipelines covering SAST, DAST, SCA, secrets detection, and container scanning.
  • Lead threat modeling, conduct application security assessments including code review and manual penetration testing, and triage bug bounty reports.

Hyland is the pioneer of the Content Innovation Cloud, delivering ubiquitous enterprise intelligence to organizations. With a team of nearly 4,000 employees, the company fosters an employee-centric culture focused on community impact and innovation.

$100,000–$125,000/yr
US Unlimited PTO

  • Own the operational health of one or two engineering domains (identity, network, cloud, endpoint, monitoring) and lead cross-team security initiatives.
  • Design security patterns, reference architectures, and standards that the team executes against, ensuring audit-ready documentation.
  • Mentor mid and associate engineers through pairing, code review, and clear standards to elevate team capability.

Aprio is a Top 20 CPA and advisory firm with over 40 U.S. office locations, international offices, and more than 3,200 team members speaking 60+ languages. They provide expertise and strategic foresight for fast-growing industries, fostering a progressive and innovative culture.

$120,000–$154,440/yr
US 12w maternity 12w paternity

  • Architect, design, and implement end-to-end security solutions including firewalls, intrusion detection, and cloud security controls.
  • Collaborate with DevOps to integrate security into CI/CD pipelines and automate secure deployments.
  • Conduct regular security assessments, threat modeling, and architecture reviews to identify risks and design mitigations.

Figure is transforming capital markets through blockchain, powering real products used by hundreds of thousands of consumers and institutions. With over 170 partners and $22 billion in home equity loans originated, Figure is the largest non-bank provider of home equity financing in the U.S., recognized as one of Forbes' Most Innovative Fintech Startups in 2025.

US

  • Lead the development, rollout, and operations of security operations tools and services such as SIEM, EDR, NDR, email, and cloud, building detection rules, automated playbooks, and integrations.
  • Apply a detections-as-code approach with version-controlled, peer-reviewed detection rules tuned against alert quality metrics.
  • Architect and implement security engineering capabilities including endpoint security, data loss prevention, email security, network security, SIEM enhancements, detection engineering, and security automation.

Delinea is a pioneer in securing human and machine identities through intelligent, centralized authorization, empowering organizations to govern interactions across the modern enterprise. It is a global team with a culture of innovation, respect, and fairness, backed by strategic investment from TPG.

$218,000–$273,000/yr
US Canada Unlimited PTO

  • Own and improve the secure software development lifecycle, perform application security reviews, threat modeling, and deep code-level analysis for high-impact product, platform, and AI features.
  • Drive vulnerability management across internal reviews, bug bounty, pentests, and other research signals, ensuring findings are validated, prioritized, and tracked through remediation.
  • Configure and improve AppSec tooling and integrations, and use AI to automate and scale security processes while validating outputs with strong engineering judgment.

Apollo.io is the leading go-to-market solution for revenue teams, trusted by over 500,000 companies and millions of users globally. Founded in 2015, the company is one of the fastest growing companies in SaaS, raising approximately $250 million to date and valued at $1.6 billion.

$186,000–$256,000/yr
US Unlimited PTO

  • Lead a small, high-leverage team of senior and staff security engineers, setting technical direction and growing talent.
  • Partner with product and executives to deliver AI-first security capabilities and represent security to customers.
  • Turn compliance (ISO 27001, SOC 2) into continuous assurance, protecting customer trust.

Sysdig creates cloud security solutions, including the open standard Falco for threat detection, used by over 60% of the Fortune 500. Recognized as a Best Place to Work and one of Deloitte's fastest-growing companies for the past 5 years, they value diversity and open dialogue.

$175,000–$215,000/yr
US 4w PTO 12w maternity 12w paternity

  • Partner with Product and Engineering teams to integrate security into application design and development, leading threat modeling and secure code reviews.
  • Develop and implement automated security guardrails across the SDLC, investigate and prioritize application security findings.
  • Promote secure coding practices through training and coaching, and create security standards and procedures that scale across teams.

Quanata is an insurance technology innovation company that engineers advanced risk prediction and prevention solutions and builds a full-stack, flexible, digital & increasingly AI-native insurance platform. We are a remote-first company wholly owned and funded by State Farm, with a culture that prioritizes inclusivity and positive collaboration.

US

  • Lead implementation and optimization of AppSec tools such as SAST, DAST, and SCA across client environments.
  • Conduct manual application and API security assessments, identifying vulnerabilities and recommending remediation strategies.
  • Advise clients on secure SDLC practices and integrate security tools into CI/CD pipelines.

The company is a cybersecurity consulting firm that helps organizations design and operationalize application security programs. It operates with a remote-first culture and a collaborative, client-facing team.

Canada

  • Lead a specialized team of security engineers focused on application, cloud, and AI system security.
  • Champion shift-left security practices including threat modeling, secure code review, and developer training.
  • Define cloud security standards and enforce security for AI systems including LLM-based agents.

Acquia empowers ambitious brands to create digital customer experiences using open source Drupal. Headquartered in Boston, MA, it is a Great Place to Work-Certified company and among the world's top software companies.

Europe

  • Champion and implement security best practices and automated tooling across Spotify's infrastructure and platforms.
  • Partner closely with teams to integrate security throughout the software development lifecycle from design to deployment.
  • Conduct threat modeling, security reviews, and risk assessments for both AI and non-AI systems.

Spotify is the world's most popular audio streaming subscription service, unlocking the potential of human creativity by giving artists the opportunity to live off their art. With over 700 million users, the company values curiosity, collaboration, and a willingness to both teach and learn from others.

US 5w PTO

  • Own key security domains such as vulnerability management, application security, API security, and supply chain security.
  • Partner with engineering teams to integrate security into design reviews, threat modeling, CI/CD pipelines, and developer workflows.
  • Develop and improve security tooling and automation to reduce manual effort and leverage AI for triage and detection.

NinjaTrader is an industry-leading trading platform and futures broker that empowers traders with award-winning software and brokerage services. Since 2003, the company has grown to over 2 million users and is the number one rated futures brokerage worldwide, fostering a dynamic culture focused on social connection, professional development, and employee recognition.

  • Owns product, cloud, engineering, vendor, AI-tooling, and compliance security functions.
  • Builds practical guardrails for AI tools, agents, MCPs, data leakage, and automation.
  • Understands OWASP, IAM, secrets, cloud security, vulnerability management, CI/CD, incident response, and frameworks like SOC 2, ISO 27001, GDPR, or HIPAA.

PlayPower Labs is a company focused on building practical security functions without slowing down teams. The organization values security sharpness, usefulness, and a product-minded approach, with a culture that balances protection and agility.

Europe US Unlimited PTO

  • Triage, validate, and remediate security vulnerabilities across products, infrastructure, and internal systems.
  • Develop, maintain, and contribute to internal and open-source security tooling, writing production-grade code.
  • Improve secure development practices through code reviews, threat modeling, and security design reviews.

Tiger Data provides the fastest PostgreSQL platform for transactional, analytical, and agentic workloads. With over 2,000 customers and 3 million active databases, it is a remote-first team backed by $180 million in funding.

US

  • Secure AI systems and use AI to scale security, conducting security reviews and threat modeling of AI-integrated product features.
  • Deliver end-to-end application security reviews for high-risk features, working directly with engineering teams to surface and close risk.
  • Advance CI/CD pipeline security by operating and evolving security scanning controls in GitLab pipelines.

Smartsheet empowers teams to manage work and scale solutions by uniting human teams with AI agents. They are a large company with over 20 years of experience, fostering a culture where ideas are heard and contributions have real impact.

$100,000–$150,000/yr
North America Unlimited PTO

  • Collaborate with multiple teams to build and enhance complex software and security tooling.
  • Help improve availability, performance, scalability, and security of security tools.
  • Focus on DevSecOps tooling and strategy to automate and enhance security posture.

UltraViolet Cyber is a leading platform-enabled unified security operations company providing comprehensive security solutions. Founded by security practitioners with decades of experience, the company serves Fortune 500, Federal Government, and Commercial clients and has global offices across the U.S. and in India.

$100,000–$160,000/yr
US

  • Support the day-to-day security posture of systems across cloud and on-prem environments, including vulnerability management and remediation tracking.
  • Partner with infrastructure, platform, and engineering teams on secure configuration, access control, logging, and incident readiness.
  • Support compliance activities related to GovRAMP, FedRAMP, PCI DSS, and internal reviews using AWS security tooling.

Grant Street Group is a growing company that provides SaaS products for electronic payments, auctions, and tax collection. The company fosters a culture of teamwork, professional excellence, and individual responsibility in a technology-rich remote environment.

United States Unlimited PTO

  • Partner with the CISO to drive security strategy, roadmap, and execution across application security, GRC, and operations.
  • Support compliance initiatives including PCI, SOC 2, ISO 27001, DORA, and FedRAMP readiness.
  • Serve as a trusted security leader in customer-facing settings, translating technical risks into business language.

Sardine is the leading agentic risk platform for fighting financial crime, integrating data across risk teams to stop fraud and automate AML operations. With over 6 billion profiled devices and 800 million consumers, we maintain a remote-first culture that values performance over hours worked.

Ireland

  • Design and implement security controls across CI/CD pipelines, cloud infrastructure, and software development workflows.
  • Integrate security testing tools including SAST, DAST, dependency scanning, and vulnerability management.
  • Partner with Engineering, Infrastructure, and Security teams to implement secure development practices.

Kaseya is the leading provider of AI-powered IT management and cybersecurity software, serving Managed Service Providers (MSPs) and internal IT organizations worldwide. Backed by Insight Partners, the company supports customers in more than 20 countries, manages over 15 million endpoints, and fosters a culture of innovation, accountability, and results.