Skip to content
UpsideUpsideWashington, DC

Staff AppSec Engineer

Staff AppSec Engineer owning end-to-end vulnerability identification and remediation. Partner with engineering teams on secure development practices, threat modeling, and AWS security architecture while leveraging AI tools.

210k – 230k
Hybrid6+ YOESecurity Engineering

About the role

Responsibilities

  • Own identification and remediation of application vulnerabilities end-to-end
  • Leverage AI tools to design and deliver scalable security solutions
  • Execute automated security testing (SAST, SCA) and work directly with engineers to resolve findings
  • Develop threat models and collaborate with product and engineering teams to surface, document, and prioritize risk
  • Advise leadership on security architecture decisions and application security best practices
  • Build developer security literacy through training, enablement, and vulnerability management guidance
  • Participate in penetration testing efforts and support bug bounty program operations
  • Contribute to the administration of AWS Control Tower and IAM provisioning workflows
  • Stay current with the broader security community and bring emerging trends back to the team

Requirements

  • 6+ years in application security or product security, including hands-on experience reviewing Python code
  • Track record of building and delivering solutions in vulnerability management programs
  • Deep expertise in AWS security architecture, including Lambda and AWS Control Tower
  • Demonstrated experience adopting and integrating AI tools into security or engineering workflows
  • Strong communication and collaboration skills

Nice-to-Haves

  • Bachelor's degree in Computer Science, Engineering, or a related field preferred

Tools & Technologies

  • GitHub Advanced Security, GitHub Actions, GitHub Copilot
  • Python
  • Terraform
  • AWS (Lambda, DynamoDB, S3, SNS, SQS, IAM, VPCs)
  • ChatGPT
  • Snowflake
  • SQL

Compensation & Benefits

  • US base salary range: $210,000 - $230,000 + equity + benefits
  • Medical, dental, and vision coverage starting on Day 1
  • Equity (ISOs)
  • 401(k) program
  • Family planning programs + paid parental leave
  • Physical fitness and wellness memberships
  • Emotional and mental health support programs
  • Unlimited PTO + 10 paid federal holidays + annual week-long Winter Break
  • Flexible work environment
  • Lunch reimbursement for in-office employees
  • Employee Resource Groups
  • Learning and Development stipend

Skills

PythonAWSAWS LambdaAws Control TowerTerraformGithub Advanced SecurityGitHub ActionsSASTScaIAMThreat ModelingPenetration TestingVulnerability ManagementAI Tools
NinjaTrader

Staff Security Engineer, Application Security

NinjaTraderChicago, IL

Staff Security Engineer owning application, API, and supply chain security domains. Hands-on role integrating security into engineering workflows via threat modeling, tooling (SAST/SCA/DAST), automation, and risk-based vulnerability management in cloud-native environments.

210k – 260k
Hybrid7+ YOESecurity Engineering
Crusoe

Staff Corporate Security Engineer

CrusoeSan Francisco, CA

Designs and implements Zero Trust, SASE, and identity-based security architectures to protect corporate networks, SaaS platforms, and AI systems. Requires 8+ years experience in SaaS security, IAM, DLP, and device trust.

210k – 255k
On-site8+ YOESecurity Engineering
Upside

Staff Application Security Engineer

UpsideWashington, DC

Staff-level AppSec engineer building secure coding practices and vulnerability management for a commerce platform. Requires 6+ years in application security with deep AWS and Python experience.

210k – 230k
Remote6+ YOESecurity Engineering
Zoox

Senior/Staff Software Systems Engineer

ZooxFoster City, CA

Design and implement formal methods, tools, and processes to verify safety-critical software for autonomous vehicles. Requires 7+ years experience, advanced degree, and strong background in formal verification, Python, and C++.

208k – 300k
Hybrid7+ YOESecurity Engineering
Rula

Staff Software Engineer - Trust & Safety

RulaLos Angeles, CA

Staff-level engineer to found and lead a new Trust & Safety engineering team, architecting systems to detect fraud, billing anomalies, and credential abuse for a mental healthcare platform.

207k – 243k
Remote8+ YOESecurity Engineering