Senior Application Security Engineer
About The Position
As a Senior Application Security Engineer, you will be crucial in integrating security controls directly into our software development lifecycle (SDLC). This role is vital for reducing the exposure of proprietary code and minimizing application-layer vulnerabilities within our robot software, cloud platform (Agility Arc), and internal tools, thereby preventing expensive, post-deployment incidents. You will join a growing Security and Networking team focused on securing a tenfold increase in our network and application attack surface, while preparing the company for external compliance initiatives like SOC 2 and ISO 27001.
Requirements
- 5+ years of dedicated, hands-on experience in Application Security (AppSec) engineering or a related senior-level security role.
- Demonstrated expertise in Application Security engineering with programming skills.
- Experience supporting security controls in CI/CD pipelines and source control systems (e.g., GitHub, GitLab).
- Experience with penetration testing and vulnerability scanning.
- Proficiency in at least one modern programming language (e.g., Python, Go, C++).
- Strong understanding of security best practices for cloud-native, microservice, and distributed systems architecture.
- Experience with cloud security such as AWS or GCP.
- Experience mentoring junior security engineers.
Nice To Haves
- Experience in a rapidly scaling organization (IoT or robotics experience is a plus).
- Experience with AI for coding (such as Claude Code) or AI for application security protection (such as AI in security tooling) is a plus.
Responsibilities
- Support security practices throughout the entire software development process, from design review through deployment.
- Perform offensive penetration testing on web applications, internal services, and robot-side software to identify and remediate vulnerabilities.
- Support security tools, including Static Application Security Testing (SAST) or Dynamic Application Security Testing (DAST) or runtime vulnerability assessments, and Software Bill of Materials (SBOM) systems. Experience with systems such as Artifactory and GitHub Security.
- Support threat modeling including security reviews of major software releases.
- Manage the lifecycle of identified vulnerabilities, prioritizing remediation efforts based on risk to the fleet, proprietary code, and cloud infrastructure.
- Partner with development, platform, and infrastructure teams to ensure security requirements are met without hindering engineering velocity.
Benefits
- 401(k) Plan: Includes a 6% company match.
- Equity: Company stock options.
- Insurance Coverage: 100% company-paid medical, dental, vision, and short/long-term disability insurance for employees.
- Benefit Start Date: Eligible for benefits on your first day of employment.
- Well-Being Support: Employee Assistance Program (EAP).
- Time Off: Flexible, unlimited PTO and 12 company holidays, including a winter shutdown (for Exempt Employees); 10 vacation days, paid sick leave, and 12 company holidays, including a winter shutdown, annually (for Non-Exempt Employees).
- On-Site Perks: Catered lunches four times a week and a variety of healthy snacks and refreshments at our Salem and Pittsburgh locations.
- Parental Leave: Generous paid parental leave programs.
- Work Environment: A culture that supports flexible work arrangements.
- Growth Opportunities: Professional development and tuition reimbursement programs.
- Relocation Assistance: Provided for eligible roles.
- Annual Discretionary Bonus: Provided for eligible roles.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
