Source Job

$120,000–$154,440/yr
US 12w maternity 12w paternity

  • Architect, design, and implement end-to-end security solutions including firewalls, intrusion detection, and cloud security controls.
  • Collaborate with DevOps to integrate security into CI/CD pipelines and automate secure deployments.
  • Conduct regular security assessments, threat modeling, and architecture reviews to identify risks and design mitigations.

Application Security Vulnerability Management CI/CD Cloud Security

20 jobs similar to Application Security Engineer

Jobs ranked by similarity.

US 5w PTO

  • Own key security domains such as vulnerability management, application security, API security, and supply chain security.
  • Partner with engineering teams to integrate security into design reviews, threat modeling, CI/CD pipelines, and developer workflows.
  • Develop and improve security tooling and automation to reduce manual effort and leverage AI for triage and detection.

NinjaTrader is an industry-leading trading platform and futures broker that empowers traders with award-winning software and brokerage services. Since 2003, the company has grown to over 2 million users and is the number one rated futures brokerage worldwide, fostering a dynamic culture focused on social connection, professional development, and employee recognition.

US

  • Lead implementation and optimization of AppSec tools such as SAST, DAST, and SCA across client environments.
  • Conduct manual application and API security assessments, identifying vulnerabilities and recommending remediation strategies.
  • Advise clients on secure SDLC practices and integrate security tools into CI/CD pipelines.

The company is a cybersecurity consulting firm that helps organizations design and operationalize application security programs. It operates with a remote-first culture and a collaborative, client-facing team.

US

  • Enable software engineering teams to continuously improve the security posture of products and SaaS environments through AppSec and DevSecOps expertise.
  • Serve as the go-to AppSec expert, mentoring engineers on secure design patterns and coding practices while collaborating on threat models and design reviews.
  • Lead automation of vulnerability management tooling across CI/CD pipelines, perform security code reviews, and contribute to compliance strategies.

Hypori is a high-growth cybersecurity SaaS company transforming how organizations think about secure mobility. Backed by $55M in funding from investors including UBS and AE Industrial Partners, the company is expanding into new commercial and regulated markets.

$175,000–$215,000/yr
US 4w PTO 12w maternity 12w paternity

  • Partner with Product and Engineering teams to integrate security into application design and development, leading threat modeling and secure code reviews.
  • Develop and implement automated security guardrails across the SDLC, investigate and prioritize application security findings.
  • Promote secure coding practices through training and coaching, and create security standards and procedures that scale across teams.

Quanata is an insurance technology innovation company that engineers advanced risk prediction and prevention solutions and builds a full-stack, flexible, digital & increasingly AI-native insurance platform. We are a remote-first company wholly owned and funded by State Farm, with a culture that prioritizes inclusivity and positive collaboration.

$218,000–$273,000/yr
US Canada Unlimited PTO

  • Own and improve the secure software development lifecycle, perform application security reviews, threat modeling, and deep code-level analysis for high-impact product, platform, and AI features.
  • Drive vulnerability management across internal reviews, bug bounty, pentests, and other research signals, ensuring findings are validated, prioritized, and tracked through remediation.
  • Configure and improve AppSec tooling and integrations, and use AI to automate and scale security processes while validating outputs with strong engineering judgment.

Apollo.io is the leading go-to-market solution for revenue teams, trusted by over 500,000 companies and millions of users globally. Founded in 2015, the company is one of the fastest growing companies in SaaS, raising approximately $250 million to date and valued at $1.6 billion.

Global Unlimited PTO

  • Conduct threat modelling reviews of Technical Design Documents (TDDs) and provide actionable security recommendations early in the design process.
  • Perform application security assessments, including penetration testing, vulnerability assessments, and proof-of-concept development.
  • Investigate, triage, and respond to Bug Bounty program submissions, validating findings and driving timely remediation with engineering teams.

MoonPay is a unified payments platform for digital currency. Trusted by over 30 million customers and over 500 ecosystem partners, the company is committed to building a fairer, more open financial system with a culture of accountability and inclusivity.

India

  • Partner with engineering, product, and DevOps teams to integrate security practices throughout the SDLC, focusing on cloud-native environments and automated pipelines.
  • Design, implement, and maintain security tooling and gates within CI/CD pipelines covering SAST, DAST, SCA, secrets detection, and container scanning.
  • Lead threat modeling, conduct application security assessments including code review and manual penetration testing, and triage bug bounty reports.

Hyland is the pioneer of the Content Innovation Cloud, delivering ubiquitous enterprise intelligence to organizations. With a team of nearly 4,000 employees, the company fosters an employee-centric culture focused on community impact and innovation.

Spain

  • Play a key role in protecting and strengthening large-scale cloud-native applications that power next-generation AI infrastructure.
  • Work at the intersection of software engineering and cybersecurity, ensuring security is embedded throughout the software development lifecycle.
  • Collaborate cross-functionally to identify and remediate vulnerabilities in complex distributed systems.

Our partner is a company building large-scale cloud-native applications that power next-generation AI infrastructure. They have a high-impact security engineering environment with a collaborative and innovative culture focused on trust, learning, and impact.

US

  • Secure AI systems and use AI to scale security, conducting security reviews and threat modeling of AI-integrated product features.
  • Deliver end-to-end application security reviews for high-risk features, working directly with engineering teams to surface and close risk.
  • Advance CI/CD pipeline security by operating and evolving security scanning controls in GitLab pipelines.

Smartsheet empowers teams to manage work and scale solutions by uniting human teams with AI agents. They are a large company with over 20 years of experience, fostering a culture where ideas are heard and contributions have real impact.

Ireland

  • Design and implement security controls across CI/CD pipelines, cloud infrastructure, and software development workflows.
  • Integrate security testing tools including SAST, DAST, dependency scanning, and vulnerability management.
  • Partner with Engineering, Infrastructure, and Security teams to implement secure development practices.

Kaseya is the leading provider of AI-powered IT management and cybersecurity software, serving Managed Service Providers (MSPs) and internal IT organizations worldwide. Backed by Insight Partners, the company supports customers in more than 20 countries, manages over 15 million endpoints, and fosters a culture of innovation, accountability, and results.

$145,000–$175,000/yr
United States

  • Strengthen company-wide security posture through hands-on engineering, collaboration, and pragmatic standards, focusing on application security, cloud and infrastructure security, and secure development practices.
  • Define and implement scalable security standards supporting SOC 2 readiness through practical, automated, and auditable solutions, partnering with Engineering, Infrastructure, IT, Product, Legal, and other teams.
  • Build and maintain internal security tools, automation, and services that support secure development, compliance workflows, vulnerability management, and operational visibility.

Later is the world’s most intelligent influencer marketing company, built to give brands the confidence to create unforgettable campaigns by combining real creator relationships, trusted intelligence, and expert guidance. Trusted by leading enterprise brands including Nike, Wayfair, Unilever, and Southwest Airlines, Later bridges creativity and performance so campaigns deliver results.

Asia

  • Design and implement secure application architectures considering authentication, authorization, data protection, and vulnerability management.
  • Develop and maintain secure coding guidelines, conduct security reviews, and implement security controls.
  • Communicate security risks to stakeholders and provide guidance on secure coding practices.

Binance is a leading global blockchain ecosystem behind the world’s largest cryptocurrency exchange. With over 300 million users in 100+ countries, it offers a diverse, fast-paced, and innovative work environment.

$60,000–$211,000/yr
Canada

  • Embed secure-by-design principles across cloud, SaaS, and AI-driven systems.
  • Lead threat modeling sessions and security design reviews for applications, APIs, and microservices.
  • Define security standards, mentor engineers, and drive organization-wide risk reduction programs.

Jobgether uses an AI-powered matching process to connect candidates with hiring companies quickly and objectively. They are a remote-first, globally distributed company with an inclusive engineering culture.

UK Global

  • Lead and own the ongoing operation and maintenance of Samsara’s vulnerability management program.
  • Collaborate with engineering teams to track and support the remediation of identified vulnerabilities.
  • Champion Samsara’s cultural principles in daily work.

Samsara is the pioneer of the Connected Operations Cloud, enabling organizations to harness IoT data for actionable insights. As a recently public company with a global team, they foster a culture of rapid career development and encourage employees to architect their own careers.

$192,000–$240,000/yr
United States

  • Perform penetration testing and design reviews to identify vulnerabilities and insecure designs.
  • Maintain and build internal tools to automate security efforts, including SAST and DAST testing.
  • Identify vulnerabilities, demonstrate business impact, and articulate risk to drive prioritization.

Brex is the intelligent finance platform that enables companies to spend smarter and move faster in over 200 markets. With tens of thousands of customers including DoorDash, Coinbase, and Zoom, Brex fosters a diverse and inclusive team culture where collaboration with some of the brightest minds in the industry is key.

US 4w PTO

  • Lead application security reviews, threat modeling, and secure code review for new features and significant product changes.
  • Operate and improve SAST, DAST, and SCA tooling, triage findings, and partner with engineering teams to harden the codebase.
  • Plan and execute internal penetration tests against web applications, APIs, and mobile clients, and own the vulnerability management lifecycle.

ButterflyMX empowers people to automate property access, operations, and security from a single platform, serving over 20,000 properties worldwide. As a distributed, primarily remote workforce, they seek intelligent, passionate, and collaborative individuals driven by a shared commitment to excellence and innovation.

US Unlimited PTO

  • Deliver Application Security services including threat modeling, architecture reviews, and program assessments.
  • Author comprehensive reports tailored to technical and managerial audiences with remediation strategies.
  • Contribute to practice development and mentor team members while embracing emerging technologies.

GuidePoint Security provides trusted cybersecurity expertise, solutions, and services to help organizations minimize risk. With over 1,200 employees, the company fosters a collaborative culture focused on mentorship and knowledge sharing.

Canada

  • Design and ship scalable security solutions to bridge the gap between security and engineering teams.
  • Build cooperative partnerships with product and engineering teams to integrate robust security capabilities at scale.
  • Drive security risk reduction through technical leadership, security reviews, and mentorship across engineering teams.

Twilio is a communications platform that delivers innovative solutions to hundreds of thousands of businesses and empowers millions of developers worldwide to craft personalized customer experiences. The company has a remote-first work culture with a strong focus on connection, global inclusion, and diverse experiences, making a global impact each day.

Global Unlimited PTO

  • Conduct application security reviews including threat modeling, code review, and risk assessment for new features.
  • Perform and improve SAST/DAST operations, triage, validation, and remediation tracking in CI/CD pipelines.
  • Apply and improve AI security review processes for LLM-integrated features and agentic attack surfaces.

Monarch is a powerful, all-in-one personal finance platform designed to simplify money management. They are a fully remote team of do-ers led by experienced entrepreneurs, passionate about building a product people love.

UK 4w PTO

  • Lead security strategy and develop scalable practices to protect systems, products, and customers.
  • Partner with engineering teams to improve resilience, reduce risk, and embed security into development.
  • Manage security incidents, evaluate emerging technologies, and build a high-performing security team.

The company is a fast-growing technology firm focused on innovation and engineering excellence. It operates with a distributed international team and emphasizes trust, autonomy, and ownership.