Company hidden
21 hours ago

Senior Application Security Engineer (Cybersecurity)

180 000 - 210 000$
Work format
remote (USA only)
Employment type
fulltime
Grade
senior
English
b2
Country
US
Vacancy from Hirify Global, a list of international tech companies

Job description

TL;DR

Senior Application Security Engineer (Cybersecurity): Run offensive security assessments, lead threat modeling, and own AppSec tooling for hirify.global's real estate platform, with an emphasis on penetration testing, cloud hardening, and custom automation. Focus on exploiting vulnerabilities, evolving SAST/DAST pipelines, and partnering with engineering teams to prevent security issues in production.

Remote (US offices: San Francisco CA, Concord NH, Austin TX)

Salary: $180,000-$210,000

Company

Leading B2B real estate technology platform connecting homebuyers, sellers, lenders, title agents, and real estate agents on a shared digital closing platform.

What you will do

  • Run offensive assessments: manual pentesting, exploit development, web/API testing, and adversarial design reviews.
  • Lead threat modeling and secure design reviews for high-risk initiatives; mentor engineers.
  • Own and evolve AppSec tooling: SAST, DAST, SCA, secret scanning, IaC scanning, CI/CD gates, custom rules.
  • Harden AWS cloud posture: IAM, Kubernetes/EKS, networking; build automation and guardrails.
  • Build tools to reduce toil and partner on detection engineering and incident response.
  • Set technical direction for the AppSec team and represent it in architecture reviews.

Requirements

  • 8+ years in appsec, offensive security, or security engineering; depth in offensive testing, tooling, cloud security.
  • Strong manual exploitation of web/API vulns; ability to teach others.
  • Experience building/operating SAST/DAST/SCA pipelines, custom rules, CI/CD gates.
  • Production AWS (IAM, VPC), Docker/Kubernetes/EKS, IaC (Terraform).
  • Code review/contribution in Python, Go, Ruby, TypeScript or similar.
  • Clear communication and strong partnership skills.

Nice to have

  • Fintech/proptech/healthcare experience.
  • Bug bounty contributions.
  • Identity/access systems (OIDC, SAML).
  • Detection engineering, DFIR, red-team.
  • Open source security contributions, research, CVEs.
  • Certifications (OSCP, OSWE, etc.).

Culture & Benefits

  • Comprehensive health plans, 401k, commuter benefits.
  • Professional development, parental leave, flexible time off.
  • Robust onboarding, biweekly all-hands, virtual events.
  • Diverse, inclusive environment; equal opportunity employer.

Be careful: if an employer asks you to log into their system using iCloud/Google, send a code/password, or run code/software, do not do it; these are scammers. Be sure to click "Report" or write to support.