# Senior Application Security Engineer

**Company:** [Brex](https://hotfix.jobs/companies/brex)
**Location:** Remote
**Role:** Security Engineering
**Salary:** $192k – $240k/yr
**Experience:** 5+ years
**Skills:** Python, Kotlin, gRPC, GraphQL, Kubernetes, AWS, SAST, DAST, Penetration Testing, Threat Modeling
**Posted:** 2026-06-12

> Senior Application Security Engineer focused on finding vulnerabilities, performing penetration testing, and building security tooling across Brex's platform. Requires 5+ years in application security with strong Python and AI workflow knowledge.

## Job Description

## Responsibilities
- Identifying vulnerabilities, demonstrating business impact, and articulating the risk of specific vulnerabilities to drive prioritization efforts
- Perform penetration testing and design reviews, looking for vulnerabilities and insecure designs, work with engineering and product to design secure product features
- Maintain and build internal tools to automate security efforts, perform SAST and DAST testing of the Brex platform, and support secure development practices
- Build and contribute to a culture of collaborative security excellence through technical leadership, learning sessions, and mentorship within the team and wider organization

## Requirements
- 5+ years work experience in an Application Security or related role
- Ability to find vulnerabilities in complex systems, demonstrating business impact through custom attack chains
- Experience with a wide range of secure development activities including— threat modeling, developer education, and incident response
- Knowledge of Python, scripting languages, and AI/agentic workflows to automate tasks, build tools and improve productivity
- Collaborative mindset paired with strong written and verbal communication skills

## Nice-to-Haves
- Proficiency with Kotlin, gRPC, GraphQL, Kubernetes
- Previous experience as a software engineer
- Consultancy experience performing web application security reviews
- Experience with securing distributed systems in AWS and cloud environments
- Experience with pentesting and securing agentic features and systems
- Contributions to the wider technical community— open source, public research, mentorship, community organizing, blogging, CVEs, presentations, etc
- Experience submitting to bug bounty programs or responsible disclosure programs

## Compensation
The expected salary range for this role is $192,000 - $240,000. However, the starting base pay will depend on a number of factors including the candidate’s location, skills, experience, market demands, and internal pay parity. Depending on the position offered, equity and other forms of compensation may be provided as part of a total compensation package.

## Similar roles

- [Senior Security Engineer, Cloud, AI, Product Security](https://hotfix.jobs/jobs/d40d7486-d8b6-4649-81b5-06cd09e1b6b5) - Instacart - Remote - $192k – $242k/yr
- [Senior Product Security Engineer II](https://hotfix.jobs/jobs/6506c6c6-ede5-47d7-be52-0ae78626f698) - Instacart - Remote - $192k – $243k/yr
- [Senior Detection Engineer](https://hotfix.jobs/jobs/3ae20852-9e33-466d-9e98-8b8a05ee9647) - Instacart - Remote - $192k – $243k/yr
- [Senior Software Engineer - Code Gen](https://hotfix.jobs/jobs/6bf61b1d-8616-4de4-962c-a8231c365fb1) - Datadog - New York, NY - $192k – $240k/yr
- [Senior Security Operations Engineer](https://hotfix.jobs/jobs/cdae63fd-3797-4009-a2a4-6d4585ac10e2) - Brex - Seattle, WA - $192k – $240k/yr

**Apply:** https://hotfix.jobs/jobs/00fbf4bd-0f22-4258-a0df-768e8a221204
**Canonical:** https://hotfix.jobs/jobs/00fbf4bd-0f22-4258-a0df-768e8a221204