Application Security Engineer

WolfePittsburgh, PA
Onsite

About The Position

Wolfe is a Pittsburgh-based FinTech company building the next generation of financial products, and we are actively embedding AI across our product, our internal processes, and the way our teams work day-to-day. As an Application Security Engineer, you'll work hands-on alongside developers and DevOps engineers to build security into how we ship software — reviewing code, improving AI agent behaviors, hardening CI/CD pipelines, and helping teams find and fix vulnerabilities across application code, containers, and cloud infrastructure. This role is built for growth: whether you're a developer moving into security or an early-career security engineer expanding into application security, you'll learn enterprise security tooling — including AI/ML and LLM-powered tools — with support to earn certifications and grow alongside a security team that mentors in person. We're looking for candidates who are enthusiastic about an in-office culture. This is a 5-day onsite role in Pittsburgh, PA.

Requirements

  • 2+ years of experience in application security, DevSecOps, or software development with security exposure — including developers looking to move into a dedicated security role — plus a Bachelor's in Information Security, Cybersecurity, Computer Science, or a related field (equivalent experience accepted in lieu of a degree).
  • A real coding background and working knowledge of secure coding principles (OWASP Top 10, SANS CWE Top 25).
  • Some hands-on exposure to CI/CD pipelines (GitHub, GitLab, Jenkins, or AWS DevOps) and an interest in integrating security tooling into them.
  • Strong verbal and written communication skills, with the ability to explain security concepts to both technical and non-technical teammates.
  • Eagerness to learn enterprise security tooling (vulnerability scanners, Bot Management, SAST/DAST/SCA) and maturity frameworks like DSOMM or BSIMM — deep prior experience with these is a plus, not a requirement.

Nice To Haves

  • No certifications required; experience with CISSP, OSCP, GCSA, AWS Security Specialty, or CSSLP is a plus, and we'll support you in earning them.

Responsibilities

  • Perform code reviews, SAST/DAST testing, basic penetration tests, and basic threat modeling, and work with developers to remediate vulnerabilities across application code, libraries, containers, and infrastructure as code.
  • Integrate and run automated security tooling (such as Snyk, SemGrep, or Cycode) within CI/CD pipelines across code repositories (such as GitHub, GitLab, Jenkins, or AWS DevOps), and help automate findings triage and reporting.
  • Manage a vulnerability management program, vulnerability scanning tools and the enterprise Bug Bounty program, tracking and prioritizing remediation against defined SLAs.
  • Help operate and improve Bot Management, WAF, secrets management, and API security controls across Wolfe's applications.
  • Apply and promote secure coding standards aligned to OWASP and SANS CWE Top 25, and contribute to measuring DevSecOps maturity using a framework such as DSOMM or BSIMM.
  • Partner with developers, security operations, product management, and incident response teams, sharing secure-coding and vulnerability-management practices as you grow your own expertise.
  • Update existing Application Security Strategy and make improvements on monitoring and reporting on KPI’s.
  • Make a significant improvement to least one automated security tool (DAST, SAST, SCA, or container scanning) in the production CI/CD pipeline, with results feeding a documented triage workflow.
  • Driving additional Bug Bounty submissions and improve bot management turning & protections prior to end of Q3.
  • Provide product and technology advisement and testing for new application and AI functionality.
  • Develop and plan a purposeful Application and AI development training program.

Benefits

  • Restricted Stock Units (RSUs)
  • Profit Share and/or Incentive Bonus
  • Medical, Prescription, Vision, and Dental insurance for employees and dependents (Wolfe pays 80% of premium)
  • Short-Term Disability Insurance (Wolfe pays 100% of premium)
  • Voluntary Long-Term Disability Insurance, Life Insurance, Critical Illness Insurance, Accident Insurance, and Hospital Indemnity coverage
  • PTO (vacation and sick time)
  • Corporate Holidays and Floating Holidays
  • 401(k)
  • Employee recognition program
  • Charitable Donation to a charity of your choice yearly
  • Employee Referral Bonus
  • Tuition Reimbursement
  • Internal Training and Information sessions
  • Family Picnic, Holiday Party, and other outings
  • Internal Culture Club
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service