Lead Application Security Engineer

Zeta Global
$140,000 - $180,000

About The Position

We’re seeking a Lead Application Security Engineer to help advance Zeta Global’s application and platform security posture through AI-native security practices, intelligent automation, and scalable security engineering. You’ll play a critical role in embedding security throughout the software development lifecycle by using AI-driven tools, automated controls, and data-informed risk prioritization to ensure our systems, applications, and AI-powered platforms are built securely from the ground up. Zeta operates at massive scale, powering billions of consumer profiles and petabytes of data across real-time, AI-powered marketing platforms. In this role, you’ll collaborate with Engineering, Product, QA, DevOps, and AI platform teams to identify risks, design secure-by-default patterns, and build automated security capabilities that enable secure innovation at speed. This position offers significant technical scope, cross-functional visibility, and the opportunity to directly influence the company’s security maturity through AI-enabled threat modeling, automated validation, intelligent vulnerability management, and proactive defense.

Requirements

  • Bachelor’s degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
  • 5+ years of experience in Application Security, DevSecOps, Secure Software Development, or Security Engineering.
  • Strong understanding of OWASP Top 10, SANS CWE Top 25, secure design principles, and application threat modeling.
  • Familiarity with AI/ML security concepts such as prompt injection, data poisoning, adversarial testing, model integrity, model abuse, and AI supply-chain risks.
  • Experience building or integrating AI-assisted security workflows, security bots, automated triage systems, or risk scoring models.
  • Experience using AI-assisted or automation-driven approaches to improve security testing, vulnerability analysis, code review, or risk prioritization.
  • Experience with modern application frameworks and architectures such as React, Node.js, Django, FastAPI, or similar technologies.
  • Knowledge of securing APIs, microservices, authentication, and authorization mechanisms such as OAuth2, OIDC, JWT, and service-to-service authentication.
  • Experience with cloud platforms such as AWS, GCP, or Azure, and containerized environments such as Docker and Kubernetes.
  • Working knowledge of security testing and automation tools such as Semgrep, SonarQube, Burp Suite, OWASP ZAP, Trivy, Snyk, GitHub Advanced Security, or similar tools.
  • Ability to analyze security findings, correlate risk context, and drive practical remediation guidance for engineering teams.
  • Strong collaboration and communication skills with the ability to work across Engineering, Product, QA, DevOps, and Security teams.

Nice To Haves

  • Experience with policy-as-code, infrastructure-as-code security, CI/CD security controls, and automated governance.
  • Experience with automation frameworks and scripting for security testing, vulnerability validation, and remediation workflows.
  • Relevant certifications such as OSCP, GWAPT, CSSLP, cloud security certifications, or AI/ML-specific security certifications.

Responsibilities

  • Use AI-assisted threat modeling capabilities to identify application, platform, API, cloud, data, and AI/ML security risks early in the design and development process.
  • Leverage automated security review tools to evaluate architecture, design documents, code changes, APIs, and data flows for security gaps and control weaknesses.
  • Drive AI-assisted code security reviews using SAST, DAST, SCA, secrets detection, IaC scanning, container scanning, and contextual risk analysis.
  • Use automation and intelligent correlation to assess third-party libraries, APIs, vendor integrations, and open-source dependencies for security, compliance, and supply-chain risk.
  • Support AI-enabled red team, blue team, and incident response simulations to validate detection, prevention, and response capabilities.
  • Partner with developers and QA engineers to embed AI-driven security testing and automated risk detection into CI/CD pipelines.
  • Build and improve security automation that provides real-time feedback to developers during design, coding, testing, release, and deployment.
  • Use AI-assisted analysis to review architecture and design artifacts, identify risks earlier, and recommend secure implementation patterns.
  • Contribute to intelligent security checkpoints that reduce manual review effort while improving consistency, traceability, and developer velocity.
  • Help design scalable guardrails, reusable security controls, and policy-as-code capabilities across application and platform teams.
  • Monitor evolving application, cloud, API, AI/ML, and data security risks using AI-assisted threat intelligence, vulnerability intelligence, and attack-pattern analysis.
  • Identify and evaluate AI-specific threats such as prompt injection, data poisoning, model abuse, model leakage, insecure tool use, and sensitive data exposure.
  • Assist in designing and deploying proactive defense mechanisms across applications, APIs, data platforms, and AI-powered systems.
  • Use automated signals, telemetry, and risk scoring to support investigations, post-incident analysis, and continuous improvement of prevention and detection capabilities.
  • Translate recurring vulnerabilities and incidents into feedback loops that improve threat models, secure design patterns, and SDLC controls.
  • Promote secure coding and secure design practices through AI-assisted guidance, reusable playbooks, automated recommendations, and developer-friendly documentation.
  • Contribute to internal security standards, secure engineering patterns, and AI-native security playbooks.
  • Help teams adopt security self-service capabilities that reduce dependency on manual AppSec review.
  • Collaborate closely with Engineering, DevOps, QA, Product, and AI platform teams to foster a security-first and automation-first culture.
  • Use metrics and insights to measure control effectiveness, remediation trends, developer adoption, and overall security maturity.

Benefits

  • Unlimited PTO
  • Excellent medical, dental, and vision coverage
  • Employee Equity
  • Employee Discounts, Virtual Wellness Classes, and Pet Insurance And more!!
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service