Application Security Engineer
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Application Security Engineer safeguarding OnePay's financial platform, ensuring compliance and developing secure architectures. Collaborating to implement automated security measures and maintain trust for users.
Responsibilities:
- Architect and implement secure AWS configurations (IAM roles/policies, encryption keys, VPC segmentation)
- Embed security into CI/CD pipelines and repos using policy-as-code tools (pre-commit hooks, SAST/SCA, IDE tool integrations)
- Secure container and orchestration environments (EKS, Kubernetes, Docker) per best practices
- Conduct threat modeling sessions and risk‑driven design reviews early in development
- Perform secure code reviews and static/dynamic analysis; oversee remediation with dev teams
- Automate repetitive security tasks—vulnerability triage, code scanning, tool orchestration
- Build and extend in-house AppSec automation frameworks or pentest tooling
- Partner with security architecture and detection teams (SIEM tuning, logging, telemetry alignment)
- Develop and enforce AppSec standards and patterns across product teams; iterate through feedback loops
- Support regulatory or compliance assessments (PCI, CCPA, GLBA) as needed
Requirements:
- 8–12 years’ experience in application security engineering, DevSecOps, or security platform engineering
- Deep familiarity with CVSS, MITRE ATT&CK frameworks, OWASP Top 10 and CWE taxonomy
- Proven experience with AWS core services: IAM, KMS, VPC, EC2, RDS, EKS
- Hands-on expertise in securing IaC and CI/CD pipelines; strong knowledge of policy-as-code tooling
- Container security experience: Docker, Kubernetes, EKS-related threat surfaces
- Solid threat modeling and secure code review skills; SAST/SCA tool proficiency
- Experience scripting automation (e.g. Python, Bash, PowerShell) to streamline AppSec tasks
- Capability to lead in-house AppSec frameworks or tooling development
- Strong communicator, able to translate technical findings to non-technical stakeholders
- Track record of defining and institutionalizing security architecture patterns
Benefits:
- Competitive base salary, stock options, and health benefits from Day 1
- 401(k) plan with company match
- Remote-friendly (US), flexible time off (FTO), and opportunities for growth
- A high-growth, mission-driven, inclusive culture where your work has real impact
Similar Jobs
Senior Application Engineer, IT Engineering
Senior Application Engineer designing and building internal tools for Phantom's operations. Utilizing AI to automate workflows and enhance infrastructure management.
Senior Application Platform Engineer
Senior Software Engineer shaping innovative solutions at Qventus, focusing on healthcare transformation. Collaborating with diverse teams to enhance patient care through technical expertise.
Application Engineer – Mining
Application Engineer responsible for engineering activities for Conveyor Products. Offering support and troubleshooting in Arizona while leading customer projects and strategic implementations.
Senior Application Security Engineer
Senior Application Security Engineer working remotely to mature application security program. Collaborating with teams to ensure secure software development throughout the entire lifecycle.
Senior Principal Applications Engineer
Senior Principal Applications Engineer at NXP working with teams on product improvements and new features. Leading board validation and customer support issues while developing application collateral.
Application Engineer
Application Engineer providing technical packaging solutions in Meat and Dairy markets. Collaborating with customers and internal teams to enhance application performance and drive growth.
Senior Databricks Application Engineer
Senior Databricks Application Engineer designing Databricks Apps and developing data solutions remotely. Collaborating on analytics workflows and cloud integration for IT Services.
Senior Application Security Engineer
Senior Application Security Engineer at Amerisure designing and maintaining security controls for applications. Leading security monitoring and vulnerability management in a DevSecOps environment.
Full-stack AI Application Engineer
Full-stack Engineer at ThirdLaw building AI-native platform features. Working in a small team to deliver impactful solutions to ensure AI trust and safety.
Senior Application Security Engineer
Senior Application Security Engineer at RevenueCat ensuring security across web and mobile applications. Collaborating with engineering teams and external parties to create secure frameworks and support bug bounty programs.
Technology Field Application Engineer
Technology Field Application Engineer at Arrow Global Components facilitating solutions for customer designs through technical leadership and engineering investments. Partnering with sales teams and managing supplier expectations.
Application Security Engineer
Application Security Engineer responsible for embedding security in software delivery at SNHU. Collaborating with DevSecOps teams to ensure application security in various approved remote states.
Application Engineer – Europe South
Application Engineer providing technical expertise and support for Mecademic's robotic solutions. Focused on Europe South region while engaging with engineers and integrators.
Application Engineer – DACH Region
Technical expert for Mecademic's robotic solutions in the DACH region. Provide in-depth technical support and demonstration for successful deployment and optimization of robotic solutions.
Principal AI Application Engineer
Principal AI Application Engineer creating modular AI solutions for government services at Code for America. Collaborating with various teams for effective public service delivery.
Application Engineer
Drive technical support and training for Cimatron CAD and Mold products while collaborating with sales teams in Mexico. Oversee customer implementation projects and maintain high-quality customer satisfaction levels.
Application Support Engineer
Application Support Engineer responsible for resolving application and infrastructure issues in customer-hosted environments at Lumin Digital. Collaborating with internal teams to ensure smooth client operations.
Senior Cloud Application Support Engineer
Cloud Engineer providing advanced support and troubleshooting for cloud-based services in a managed service environment. Leading problem resolution efforts and improving service offerings using Azure expertise.
Dynamics 365 Application Support Engineer
Dynamics 365 Application Support Engineer managing application issues and ensuring customer satisfaction. Supporting Microsoft's Dynamics 365 systems while adhering to IT security principles and best practices.
Application Security Engineer – Threat Modeling, SAST, SCA
Application Security Engineer at Netsentries performing secure code assessments and Threat Modeling for enterprise web/mobile applications. Collaborating with development teams to identify and remedy vulnerabilities.