Staff AppSec Engineer owning end-to-end vulnerability identification and remediation. Partner with engineering teams on secure development practices, threat modeling, and AWS security architecture while leveraging AI tools.
210k – 230k
Hybrid6+ YOESecurity Engineering
About the role
Responsibilities
Own identification and remediation of application vulnerabilities end-to-end
Leverage AI tools to design and deliver scalable security solutions
Execute automated security testing (SAST, SCA) and work directly with engineers to resolve findings
Develop threat models and collaborate with product and engineering teams to surface, document, and prioritize risk
Advise leadership on security architecture decisions and application security best practices
Build developer security literacy through training, enablement, and vulnerability management guidance
Participate in penetration testing efforts and support bug bounty program operations
Contribute to the administration of AWS Control Tower and IAM provisioning workflows
Stay current with the broader security community and bring emerging trends back to the team
Requirements
6+ years in application security or product security, including hands-on experience reviewing Python code
Track record of building and delivering solutions in vulnerability management programs
Deep expertise in AWS security architecture, including Lambda and AWS Control Tower
Demonstrated experience adopting and integrating AI tools into security or engineering workflows
Strong communication and collaboration skills
Nice-to-Haves
Bachelor's degree in Computer Science, Engineering, or a related field preferred
Staff Security Engineer owning application, API, and supply chain security domains. Hands-on role integrating security into engineering workflows via threat modeling, tooling (SAST/SCA/DAST), automation, and risk-based vulnerability management in cloud-native environments.
210k – 260k
Hybrid7+ YOESecurity Engineering
Staff Corporate Security Engineer
CrusoeSan Francisco, CA
Designs and implements Zero Trust, SASE, and identity-based security architectures to protect corporate networks, SaaS platforms, and AI systems. Requires 8+ years experience in SaaS security, IAM, DLP, and device trust.
210k – 255k
On-site8+ YOESecurity Engineering
Staff Application Security Engineer
UpsideWashington, DC
Staff-level AppSec engineer building secure coding practices and vulnerability management for a commerce platform. Requires 6+ years in application security with deep AWS and Python experience.
210k – 230k
Remote6+ YOESecurity Engineering
Senior/Staff Software Systems Engineer
ZooxFoster City, CA
Design and implement formal methods, tools, and processes to verify safety-critical software for autonomous vehicles. Requires 7+ years experience, advanced degree, and strong background in formal verification, Python, and C++.
208k – 300k
Hybrid7+ YOESecurity Engineering
Staff Software Engineer - Trust & Safety
RulaLos Angeles, CA
Staff-level engineer to found and lead a new Trust & Safety engineering team, architecting systems to detect fraud, billing anomalies, and credential abuse for a mental healthcare platform.