Skip to content
TatariTatariLos Angeles, CA

Senior Application Security Engineer

First dedicated AppSec Engineer defining security architecture for a SaaS TV advertising platform. Build security tooling, own SAST/DAST/SCA, conduct threat modeling, and partner with engineering teams on secure development practices.

165k – 190k
Hybrid5+ YOESecurity Engineering

About the role

Responsibilities

  • Design and execute greenfield AppSec initiatives across Tatari's SaaS platform from threat modeling to remediation
  • Build and maintain security automation integrated into CI/CD pipelines and manage software supply chain risk
  • Own container security across build and runtime
  • Develop internal tooling and libraries that make secure coding easier for application engineers
  • Own SAST/DAST/SCA tooling: selection, tuning, CI/CD integration, and triage
  • Conduct application security reviews and threat models for new features and architectural changes
  • Identify and remediate vulnerabilities across APIs, services, and data pipelines
  • Partner with Engineering teams to establish secure coding standards and provide hands-on guidance
  • Assess and mitigate LLM-introduced risks in product features
  • Integrate agentic tooling into AppSec workflows to reduce toil
  • Contribute to security incident response when application-layer issues are involved

Requirements

  • Production Python experience with the engineering depth to review code meaningfully and build security tooling; Java or Rust is a bonus
  • Significant hands-on application security experience, ideally at a SaaS company, including working knowledge of established standards (OWASP Top 10, API Security Top 10, ASVS, SPVS, AISVS) and how common vulnerability classes manifest in production systems
  • Threat modeling experience with Product and Engineering teams
  • Experience building security tooling or automation (scripts, pipelines, libraries)
  • Familiarity with AWS and Kubernetes security controls as they relate to application-layer risks
  • Working knowledge of how LLMs introduce new attack surfaces and how to mitigate them, with practical experience using AI tools in security or engineering workflows
  • Demonstrated experience reviewing API designs and implementations for auth anti-patterns, token mismanagement, injection risks, and sensitive data exposure
  • Track record embedding with Engineering teams: code review, design consultation, and standards definition
  • Experience building or maturing an AppSec program where coverage, tooling, or process needed to be defined from scratch

Benefits

  • Total compensation ($165,000-$190,000)
  • Equity compensation
  • Health insurance coverage for you and your dependents
  • 401K, FSA, and commuter benefits
  • $150 monthly spending account
  • $1,000 annual continued education benefit
  • $500 Newbie Productivity Perk
  • Unlimited PTO and sick days
  • Monthly Company Wellness Day Off
  • Snacks, drinks, and catered lunches at the office
  • Team building events
  • Hybrid RTO of 2 days per week in office

Skills

PythonJavaRustAWSKubernetesSASTDASTScaCI/CDThreat ModelingOwasp Top 10Api SecurityLlm Security
Metropolis

Senior Security Engineer, Infrastructure & Network Security

MetropolisNew York, NY

Lead AWS and network security engineering for enterprise infrastructure, including firewalls, zero-trust, IAM, and cloud automation. Requires strong AWS, networking, and security engineering experience.

165k – 215k
On-site5+ YOESecurity Engineering
Metropolis

Senior Security Engineer, Product & Application Security

MetropolisSeattle, WA

Senior Security Engineer leading application security reviews, DevSecOps initiatives, and secure architecture for cloud-native systems. Requires strong product security experience and scripting background.

165k – 215k
On-site5+ YOESecurity Engineering
Betterment

Sr. Security Engineer, Corporate Information Security

BettermentNew York, NY

Senior security engineer leading workforce IAM, endpoint security, and AI tool governance for a fintech company. Hands-on IC role focused on Okta, SaaS security, and Zero Trust architecture in a hybrid NYC environment.

165k – 185k
Hybrid6+ YOESecurity Engineering
Beacon AI

Senior Security Engineer

Beacon AISan Carlos, CA

As a Senior Security Engineer, you will design and implement secure architectures, protect sensitive data, and mitigate security risks for Beacon AI. You will lead incident response efforts and integrate security best practices into the SDLC.

165k – 240k
Hybrid5+ YOESecurity Engineering
NexHealth

Senior Software Engineer, Security

NexHealthSeattle, WA +1

Builds and secures backend systems for APIs, EHR integrations, and payments infrastructure. Leads threat modeling, vulnerability remediation, and security tooling integration in AWS/Google Cloud environments. Requires 5+ years engineering with security focus.

165k – 230k
On-site5+ YOESecurity Engineering