Senior Application Security Engineer II

Axon•Seattle, WA

6h•Hybrid

About The Position

Join Axon and be a Force for Good. At Axon, we’re on a mission to Protect Life. We’re explorers, pursuing society’s most critical safety and justice issues with our ecosystem of devices and cloud software. Like our products, we work better together. We connect with candor and care, seeking out diverse perspectives from our customers, communities and each other. Life at Axon is fast-paced, challenging and meaningful. Here, you’ll take ownership and drive real change. Constantly grow as you work hard for a mission that matters at a company where you matter. Your Impact As a Senior Application Security Engineer, you will drive security initiatives that integrate seamlessly into the software development lifecycle. This role is all about empowering development teams with the tools, knowledge, and processes to build secure applications. You’ll work side-by-side with developers as a security partner, not just a reviewer, to enhance our security posture while maintaining speed and innovation. You will leverage your strong software development background and application security expertise to build scalable security automation and tooling. This role is perfect for someone who is passionate about automating processes, enabling teams, and solving complex security challenges at scale. What You’ll Do Location: This role is based out of one of our offices (Atlanta, Boston, Scottsdale, or Seattle) and follows a hybrid schedule. We rely on in-person collaboration and ask that team members work onsite Tuesdays through Fridays, with the flexibility to work remotely on Mondays, unless there is an approved workplace accommodation. We believe that connection fuels innovation, and our in-office culture is designed to foster meaningful teamwork, mentorship, and shared success. Reports to: Senior Product Security Manager Direct Reports: None

Requirements

Proficiency in programming languages like Python, Java, Go, or C#.
Strong experience with modern development workflows, including CI/CD pipelines and Git-based version control.
In-depth understanding of vulnerabilities and secure coding practices.
Hands-on experience with security tools like Snyk, Semgrep, or similar.
Ability to simplify and communicate technical security concepts to diverse audiences.
Demonstrated success in partnering with developers to integrate security without disrupting velocity.
Experience performing secure code reviews and interpreting SAST/DAST results.
Familiarity with cloud platforms (AWS, Azure, GCP) and containerization (Docker, Kubernetes).

Nice To Haves

Contributions to or leadership in open-source security tools.
Relevant certifications

Responsibilities

Integrate Security into Development Build and maintain security automation tools to seamlessly embed security checks into CI/CD pipelines.
Partner with engineering teams to design secure-by-default architectures and workflows.
Enable Developer Success Act as a trusted advisor and partner for development teams, providing actionable guidance to address security issues.
Deliver training and mentorship on secure coding practices, empowering teams to proactively prevent vulnerabilities.
Proactively Identify Risks Deploy and operationalize static (SAST), dynamic (DAST), and dependency (SCA) scanning tools.
Lead vulnerability management efforts, ensuring critical vulnerabilities are identified, prioritized, and remediated.
Advocate for a “security debt” reduction mindset to maintain long-term product integrity.
Champion Security Automation Create and enhance tools that automate repetitive tasks and accelerate vulnerability detection and remediation.
Stay ahead of industry trends to evaluate and implement cutting-edge security solutions.