First dedicated AppSec Engineer defining security architecture for a SaaS TV advertising platform. Build security tooling, own SAST/DAST/SCA, conduct threat modeling, and partner with engineering teams on secure development practices.
165k – 190k
Hybrid5+ YOESecurity Engineering
About the role
Responsibilities
Design and execute greenfield AppSec initiatives across Tatari's SaaS platform from threat modeling to remediation
Build and maintain security automation integrated into CI/CD pipelines and manage software supply chain risk
Own container security across build and runtime
Develop internal tooling and libraries that make secure coding easier for application engineers
Own SAST/DAST/SCA tooling: selection, tuning, CI/CD integration, and triage
Conduct application security reviews and threat models for new features and architectural changes
Identify and remediate vulnerabilities across APIs, services, and data pipelines
Partner with Engineering teams to establish secure coding standards and provide hands-on guidance
Assess and mitigate LLM-introduced risks in product features
Integrate agentic tooling into AppSec workflows to reduce toil
Contribute to security incident response when application-layer issues are involved
Requirements
Production Python experience with the engineering depth to review code meaningfully and build security tooling; Java or Rust is a bonus
Significant hands-on application security experience, ideally at a SaaS company, including working knowledge of established standards (OWASP Top 10, API Security Top 10, ASVS, SPVS, AISVS) and how common vulnerability classes manifest in production systems
Threat modeling experience with Product and Engineering teams
Experience building security tooling or automation (scripts, pipelines, libraries)
Familiarity with AWS and Kubernetes security controls as they relate to application-layer risks
Working knowledge of how LLMs introduce new attack surfaces and how to mitigate them, with practical experience using AI tools in security or engineering workflows
Demonstrated experience reviewing API designs and implementations for auth anti-patterns, token mismanagement, injection risks, and sensitive data exposure
Track record embedding with Engineering teams: code review, design consultation, and standards definition
Experience building or maturing an AppSec program where coverage, tooling, or process needed to be defined from scratch
Benefits
Total compensation ($165,000-$190,000)
Equity compensation
Health insurance coverage for you and your dependents
401K, FSA, and commuter benefits
$150 monthly spending account
$1,000 annual continued education benefit
$500 Newbie Productivity Perk
Unlimited PTO and sick days
Monthly Company Wellness Day Off
Snacks, drinks, and catered lunches at the office
Team building events
Hybrid RTO of 2 days per week in office
Skills
PythonJavaRustAWSKubernetesSASTDASTScaCI/CDThreat ModelingOwasp Top 10Api SecurityLlm Security
Lead AWS and network security engineering for enterprise infrastructure, including firewalls, zero-trust, IAM, and cloud automation. Requires strong AWS, networking, and security engineering experience.
Senior Security Engineer leading application security reviews, DevSecOps initiatives, and secure architecture for cloud-native systems. Requires strong product security experience and scripting background.
165k – 215k
On-site5+ YOESecurity Engineering
Sr. Security Engineer, Corporate Information Security
BettermentNew York, NY
Senior security engineer leading workforce IAM, endpoint security, and AI tool governance for a fintech company. Hands-on IC role focused on Okta, SaaS security, and Zero Trust architecture in a hybrid NYC environment.
165k – 185k
Hybrid6+ YOESecurity Engineering
Senior Security Engineer
Beacon AISan Carlos, CA
As a Senior Security Engineer, you will design and implement secure architectures, protect sensitive data, and mitigate security risks for Beacon AI. You will lead incident response efforts and integrate security best practices into the SDLC.
165k – 240k
Hybrid5+ YOESecurity Engineering
Senior Software Engineer, Security
NexHealthSeattle, WA +1
Builds and secures backend systems for APIs, EHR integrations, and payments infrastructure. Leads threat modeling, vulnerability remediation, and security tooling integration in AWS/Google Cloud environments. Requires 5+ years engineering with security focus.