Senior Application Security Engineer II
About The Position
As a Senior Application Security Engineer, you will drive security initiatives that integrate seamlessly into the software development lifecycle. This role is all about empowering development teams with the tools, knowledge, and processes to build secure applications. You'll work side-by-side with developers as a security partner, not just a reviewer, to enhance our security posture while maintaining speed and innovation. You will leverage your strong software development background and application security expertise to build scalable security automation and tooling. This role is perfect for someone who is passionate about automating processes, enabling teams, and solving complex security challenges at scale.
Requirements
- Proficiency in programming languages like Python, Java, Go, or C#.
- Strong experience with modern development workflows, including CI/CD pipelines and Git-based version control.
- In-depth understanding of vulnerabilities and secure coding practices.
- Hands-on experience with security tools like Snyk, Semgrep, or similar.
- Ability to simplify and communicate technical security concepts to diverse audiences.
- Demonstrated success in partnering with developers to integrate security without disrupting velocity.
- Experience performing secure code reviews and interpreting SAST/DAST results.
- Familiarity with cloud platforms (AWS, Azure, GCP) and containerization (Docker, Kubernetes).
Nice To Haves
- Contributions to or leadership in open-source security tools.
- Relevant certifications
Responsibilities
- Integrate Security into Development
- Build and maintain security automation tools to seamlessly embed security checks into CI/CD pipelines.
- Partner with engineering teams to design secure-by-default architectures and workflows.
- Enable Developer Success
- Act as a trusted advisor and partner for development teams, providing actionable guidance to address security.
- Deliver training and mentorship on secure coding practices, empowering teams to proactively prevent vulnerabilities.
- Proactively Identify Risks
- Deploy and operationalize static (SAST), dynamic (DAST), and dependency (SCA) scanning tools.
- Lead vulnerability management efforts, ensuring critical vulnerabilities are identified, prioritized, and remediated.
- Advocate for a "security debt" reduction mindset to maintain long-term product integrity.
- Champion Security Automation
- Create and enhance tools that automate repetitive tasks and accelerate vulnerability detection and remediation.
- Stay ahead of industry trends to evaluate and implement cutting-edge security solutions.
Benefits
- Competitive salary and 401k with employer match
- Discretionary paid time off
- Paid parental leave for all
- Medical, Dental, Vision plans
- Fitness Programs
- Emotional & Mental Wellness support
- Learning & Development programs
- And yes, we have snacks in our offices
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Industry
Fabricated Metal Product Manufacturing
Education Level
No Education Listed
Number of Employees
1,001-5,000 employees
