Назад
Company hidden
3 дня назад

Senior Application Security Engineer

111 000 - 144 400$
Формат работы
remote (только USA)
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Senior Application Security Engineer (AppSec): Plan and execute application security testing across the software development life cycle with an accent on SAST/DAST/SCA, secure coding practices, and risk-mitigating remediation. Focus on threat modeling for production LLM stacks (autonomy and prompt injection risks), securing the software supply chain, and driving an automated, repeatable security review process.

Location: Remote (US) / Reno, NV

Salary: $111,000–$144,400 annually

Company

hirify.global builds real estate analytics, data solutions, valuation technology, and automated appraisal review platforms.

What you will do

  • Plan and carry out application security testing across all SDLC phases to identify vulnerabilities and weaknesses in secure coding practices.
  • Assess vulnerabilities and recommend risk-mitigating solutions, using automation to improve testing and remediation efficiency.
  • Communicate security findings, risks, and recommendations to stakeholders and track delivery/implementation progress against SLAs and business metrics.
  • Lead AI security initiatives, including threat modeling for production LLM stacks and auditing third-party models and APIs to secure the software supply chain.
  • Collaborate with architects and development teams to drive secure design practices using established security standards, configurations, and frameworks.
  • Define and run an automated, repeatable security review process; monitor public security issues and train developers and junior AppSec engineers.

Requirements

  • 4+ years of related experience.
  • Bachelor’s degree in a technical field (Computer Science, Information Technology, Software Engineering) or equivalent experience.
  • Hands-on application security testing experience with SAST, DAST, and Software Composition Analysis (SCA) tools.
  • Strong application security assessment skills: threat modeling, vulnerability and penetration testing, API security, OWASP Top Ten mitigation, and securing applications in AWS and private cloud environments.
  • Programming/scripting background (e.g., Java, Python, C++, Ruby, JavaScript, PowerShell, PHP).
  • Relevant certifications (e.g., C|ASE, CSSLP, GWAPT, OSCP) and experience with frameworks/standards such as ISO 27001, NIST, GDPR, CIS, or SOC 2.

Culture & Benefits

  • Comprehensive medical, dental, and company-paid vision insurance; 401(k) with employer match.
  • Paid time off (PTO) and paid holidays; employee assistance and wellness programs.
  • Company paid short-term disability coverage and company contributions to health savings funds (with a high deductible plan).
  • Access to Galileo (virtual primary care) and Rula (virtual mental health resources).
  • Base salary range of $111,000–$144,400 plus profit-sharing bonus program, communication stipends, and referral bonuses.
  • Career and skill development resources in a mission-driven environment.

Hiring process

  • Interviews to evaluate application security testing experience, threat modeling, and secure development practices.
  • Discussion of security review process ownership and collaboration with product and engineering stakeholders.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →