Skip to content
NerdioNerdioUnited States

Application Security Architect

Leads the development and evolution of the Application Security program, integrating security practices into SDLC through threat modeling, code reviews, and pen testing. Collaborates with engineering teams on web, mobile, and API security for a SaaS platform; requires 10+ years experience building AppSec from inception.

Salary not listed
Remote10+ YOESecurity Engineering

About the role

What You'll Do

  • Establish and continuously improve the AppSec program's strategy, processes, and tooling.
  • Collaborate with engineers to integrate security best practices into design reviews, threat modeling, code reviews, and penetration testing.
  • Participate in secure code review and penetration testing efforts.
  • Contribute to deep-dive security reviews of web, mobile, and API products.
  • Participate in security training and share learnings with the engineering team.
  • Assist in incident response.
  • Gain exposure to SAST/DAST tools and risk assessment.
  • Mentor junior members of the AppSec team.

What we are looking for

  • 10+ years of experience in application security or related field.
  • Led inception of Application Security program from the ground up.
  • Solid understanding of security fundamentals and common vulnerabilities (e.g., XSS, CSRF, SQL Injection).
  • Ability to identify risks and collaborate with engineers.
  • Communicate security concepts to technical and non-technical audiences.

Preferred Qualifications

  • Familiarity with programming languages (C#, React, JavaScript, REST APIs).
  • Active in security community (B-sides, OWASP, GitLab contributions).

Benefits and Incentives

  • Competitive Base and Incentive Plan
  • Stock Options
  • Health and Welfare Plans*
  • Life and Disability Plans*
  • Retirement Plan*
  • Unlimited Flexible Paid Time Off, including birthday off
  • Collaborative Team Culture*

Skills

Application SecurityThreat ModelingSASTDASTPenetration TestingCode ReviewOwaspXssCsrfSql InjectionC#ReactJavaScriptREST APIs
Zocdoc

Senior Staff Security Engineer, Vulnerability Management

ZocdocUnited States

Senior Staff Security Engineer owning the roadmap for an AI-driven vulnerability scanning, triage, and automated remediation platform. Requires 8+ years in security engineering with deep cloud/container expertise, offensive security experience, and proficiency in Python/Go/Rust.

200k – 290k/yr
Remote8+ YOESecurity Engineering
Plaid

Staff Software Engineer

PlaidNew York, NY +2

Staff Software Engineer building and leading development of Plaid's core security infrastructure including IAM, key management, encryption, and access control systems. Requires experience with scalable secure systems architecture plus technical leadership.

222k – 328k/yr
Hybrid7+ YOESecurity Engineering
Anthropic

Staff+ Application Security Engineer

AnthropicSan Francisco, CA +2

Staff Application Security Engineer focused on M&A due diligence and secure integration of acquired codebases and systems at Anthropic. Lead security assessments, risk readouts, post-close remediation and automation using Claude, while contributing to core AppSec work. Requires 7+ years AppSec experience, rapid codebase assessment skills, and coding ability.

320k – 485k/yr
Hybrid7+ YOESecurity Engineering
Confluent

Staff Security Risk & Compliance Program Manager

ConfluentTexas

Own and evolve Confluent's internal access management program with focus on machine/workload identity, S2S auth, non-human identities, and AI agent controls. Set the Access Management Standard, own metrics/reporting/OKRs, and drive governance, risk reduction, and cross-functional execution for least-privilege outcomes.

222k – 261k/yr
Remote8+ YOESecurity Engineering
Abridge

Senior/Staff Infrastructure Security Engineer

AbridgeSan Francisco, CA +1

Senior/Staff Infrastructure Security Engineer building self-service security platforms, automating DevSecOps workflows, and designing high-scale security data pipelines and IaC guardrails in a greenfield cloud-native environment at an AI healthcare company. Requires 8+ years software engineering experience with deep cloud and IaC expertise.

214k – 252k/yr
Remote8+ YOESecurity Engineering