Principal Application Security Engineer

Jobgether

2d•$182,300 - $252,500•Remote

About The Position

This position is posted by Jobgether on behalf of a partner company. We are currently looking for a Principal Application Security Engineer in United States. This role offers a strategic opportunity to shape and advance the security posture of a high-growth, digital-first platform. The Principal Application Security Engineer will partner closely with engineering and product teams to design, implement, and maintain secure applications and cloud-native infrastructure. You will lead threat modeling, vulnerability management, and security audits, while influencing security practices across the organization. This position balances hands-on technical execution with strategic oversight, enabling scalable and resilient security controls. You will work in a collaborative, remote-friendly environment with regular on-site sessions, ensuring that security is embedded across the software development lifecycle. Ideal candidates thrive in dynamic, high-impact settings where innovation and security go hand in hand.

Requirements

3+ years of experience in application security, security engineering, or a related role.
Bachelorâs degree in IT, Computer Science, or equivalent knowledge; advanced degrees preferred.
Hands-on experience with Java, Python, or Ruby development.
Strong understanding of authentication and authorization protocols (TLS, SAML, OAuth, etc.).
Familiarity with SAST/DAST tools, vulnerability scanners, and security-focused code reviews.
Knowledge of full stack development, SDLC, CI/CD pipelines, and common networking protocols.
Self-starter with the ability to operate hands-on and collaborate cross-functionally.

Nice To Haves

7+ years in high-security environments
security certifications (OSCP, OSCE, OSWE)
AWS/Kubernetes experience
contributions to the security community

Responsibilities

Partner with engineering and product teams to securely design and implement new applications and features.
Develop, maintain, and review threat models for high-risk functionality and cloud-native infrastructure.
Conduct vulnerability scanning, penetration testing, and remediation strategies for identified security issues.
Define and implement company-wide security controls and solutions across applications and infrastructure.
Advocate for security best practices across the organization, influencing development teams on secure coding standards and practices.
Identify and manage the internal and external attack surface, supporting proactive risk mitigation.
Operate as a core member of the engineering team, collaborating on secure software development processes from ideation to deployment.

Benefits

Competitive base salary ($182,300â$252,500 USD) plus bonus and equity.
Comprehensive medical, dental, and vision coverage with Health Savings Account contributions.
Generous 401(k) plan with matching contributions.
Employee Stock Purchase Plan (ESPP).
Life and disability insurance.
Paid holidays, vacation, and sick leave.
Parental, family care, and military leave programs.
Annual wellness, technology, and ergonomic reimbursements.
Opportunities for team events, employee resource groups, and professional development.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume