Security Engineer, Application Security

RogoNew York, NY
78d
Match Resume

About The Position

As a Security Engineer at Rogo, you’ll play a key role in strengthening the security of our products, applications, and cloud environments. You’ll identify and address vulnerabilities through code reviews, penetration testing, and security assessments, while also building tools and automation that improve how we protect our AI-driven platform. You’ll partner closely with development teams to integrate security into the software development lifecycle, ensuring secure coding practices and automated scanning are part of everyday workflows. Beyond engineering, you’ll provide guidance to stakeholders and help continue to foster a culture where security is a shared responsibility.

Requirements

  • Deep experience in application security testing, penetration testing, and code review.
  • Hands-on experience with security testing tools (e.g., Burp Suite, OWASP ZAP, Snyk).
  • Knowledge of implementing SAST, DAST, and SBOM/SCA tooling in CI/CD workflows.
  • Familiarity with Terraform and infrastructure-as-code security.
  • Experience developing in strongly typed language (e.g. Rust, C++, Java).
  • Strong communication skills for collaborating with developers, product teams, and leadership.
  • Applied knowledge of threat modeling, cryptography, and vulnerability management.
  • Understanding of security frameworks such as SOC2, CIS, ISO 27001/42001, or NIST CSF.

Nice To Haves

  • Hands-on cloud security experience in AWS or GCP.
  • Familiarity with Kubernetes security (RBAC, admission controllers, ingress, and network policies).

Responsibilities

  • Drive product, application, and cloud security by building tools, reviewing and implementing code, remediating vulnerabilities, and collaborating with teams.
  • Perform dynamic security reviews, threat modeling, and penetration testing of applications and APIs.
  • Own the end-to-end implementation of automated security reviews within Rogo’s SDLC.
  • Contribute directly to code by fixing and remediating vulnerabilities found in SDLC scans (SAST, DAST, SCA, IaC, etc.).
  • Design and implement security tools and automation that streamline workflows and integrate with our platform.
  • Review and secure cloud infrastructure, including hands-on Terraform and other infrastructure-as-code changes.
  • Build and maintain test environments and simulation ranges to validate security controls at scale.
  • Partner with engineers across the company to embed secure coding practices into CI/CD pipelines.
  • Maintain secure coding standards and deliver training to developers.
  • Respond to incidents, perform root cause analysis, and improve defenses against recurring risks.
  • Work with our enterprise Bug Bounty program to triage and resolve reported vulnerabilities.
  • Share emerging security threats, insights, and best practices with engineering teams and leadership.

Benefits

  • Exceptional traction with the world's largest investment banks, hedge funds, and private equity firms.
  • World-class team with high talent density.
  • Fast-paced work environment that promotes learning and growth.
  • Opportunity to work with cutting-edge AI systems and technology.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Number of Employees

51-100 employees

Job Search Resources

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service