Staff AppSec Engineer
Staff AppSec Engineer owning end-to-end vulnerability identification and remediation. Partner with engineering teams on secure development practices, threat modeling, and AWS security architecture while leveraging AI tools.
Staff Security Engineer owning application, API, and supply chain security domains. Hands-on role integrating security into engineering workflows via threat modeling, tooling (SAST/SCA/DAST), automation, and risk-based vulnerability management in cloud-native environments.
Own key security domains such as vulnerability management, application security, API security, and supply chain security.
Drive improvements in security coverage, prioritization, and remediation workflows.
Partner with engineering teams to integrate security into design reviews, threat modeling, CI/CD pipelines, and developer workflows.
Provide actionable, pragmatic guidance that helps teams ship securely.
Develop and improve security tooling and automation to reduce manual effort.
Implement and tune tools for SAST, SCA, DAST, dependency security, and container security.
Leverage AI/LLMs where appropriate to improve triage, detection, and review processes.
Triage and prioritize vulnerabilities using risk-based approaches.
Partner with teams to ensure timely remediation of critical issues.
Help define and improve SLAs, metrics, and reporting.
Conduct threat modeling, design reviews, and security assessments.
Contribute to incident response and postmortems for security events.
Identify and help remediate systemic risks.
The salary range for this role will be $210,000.00 - $260,000.00 USD. In addition, this position will also receive an annual target bonus of 12%. Bonus pay at NinjaTrader is based on individual performance (50%) as well as company/team performance (50%).
Salary and bonus earnings are only two components of the total compensation package offered by NinjaTrader. NinjaTrader offers a 401K plan through ADP under which the company will match up to 3.5% of employee contributions. Annual paid time off allowance accrues at a rate of 23 days per year (some positions may qualify for more) plus seven paid holidays.
Staff AppSec Engineer owning end-to-end vulnerability identification and remediation. Partner with engineering teams on secure development practices, threat modeling, and AWS security architecture while leveraging AI tools.
Designs and implements Zero Trust, SASE, and identity-based security architectures to protect corporate networks, SaaS platforms, and AI systems. Requires 8+ years experience in SaaS security, IAM, DLP, and device trust.
Staff-level AppSec engineer building secure coding practices and vulnerability management for a commerce platform. Requires 6+ years in application security with deep AWS and Python experience.
Design and implement formal methods, tools, and processes to verify safety-critical software for autonomous vehicles. Requires 7+ years experience, advanced degree, and strong background in formal verification, Python, and C++.
Staff-level engineer to found and lead a new Trust & Safety engineering team, architecting systems to detect fraud, billing anomalies, and credential abuse for a mental healthcare platform.