Staff Application Security Engineer

Application EngineerApplication EngineerFull TimeRemoteTeam 10,001+Since 1994H1B SponsorCompany Site LinkedIn

Location

California

Posted

118 days ago

Salary

$198.2K - $297.4K / year

Bachelor Degree10 yrs expEnglishAWSAzureCloudDistributed SystemsGoogle Cloud PlatformJavaJava ScriptKubernetesPythonSDLCTcp/ip

Job Description

• Lead security initiatives across the SDLC and improve development practices through scalable automation. • Conduct and guide threat modeling and security requirements early in design phases. • Partner with developers, architects, and product managers to align business goals with security needs. • Lead security architecture and code reviews for distributed systems. • Perform hands-on testing to identify risks and drive remediation with vulnerability and incident response teams. • Advance the Product Security strategy through multi-functional initiatives and cultural influence. • Balance business and security risks through technically grounded, pragmatic recommendations. • Translate lessons learned into reusable organizational assets that enhance overall security posture. • Mentor engineers and practitioners, promoting secure-by-default thinking and shared accountability. • Demonstrate proactive leadership, coordinating teams to deliver measurable security and business impact.

Job Requirements

7+ years in information security and 3+ years in software development.
Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent experience.
Effective communication and leadership abilities; capable of influencing technical and non-technical collaborators including management.
Dedicated and proactive, finding opportunities and leading initiatives independently.
Deep understanding of enterprise and cloud-native architectures and their secure design.
Expertise in network and web protocols (TCP/IP, TLS, HTTPS, OAuth 2.0, OpenID Connect) and common attack vectors.
Proven expertise in guiding security development and code evaluations and providing actionable, risk-based recommendations.
Skilled in multiple programming languages (e.g., Java, C/C++, JavaScript, Python) and mitigating vulnerabilities such as OWASP Top 10.
Experience integrating SAST, DAST, and dependency scanning into CI/CD pipelines.
Familiar with Agile, DevOps, and modern delivery practices.
Hands-on experience with cloud technologies (AWS, Azure, GCP, Kubernetes, service mesh, CDN) including secure configuration and identity management.