# Staff Security Engineer, Application Security

**Company:** [NinjaTrader](https://hotfix.jobs/companies/ninjatrader)
**Location:** Chicago, IL
**Role:** Security Engineering
**Salary:** $210k – $260k/yr
**Experience:** 7+ years
**Skills:** Application Security, Threat Modeling, Vulnerability Management, AWS, GCP, CI/CD, Python, Go, SAST, Sca, DAST, Container Security
**Posted:** 2026-07-07

> Staff Security Engineer owning application, API, and supply chain security domains. Hands-on role integrating security into engineering workflows via threat modeling, tooling (SAST/SCA/DAST), automation, and risk-based vulnerability management in cloud-native environments.

## Job Description

## What you'll do

Own key security domains such as vulnerability management, application security, API security, and supply chain security.  
Drive improvements in security coverage, prioritization, and remediation workflows.  
Partner with engineering teams to integrate security into design reviews, threat modeling, CI/CD pipelines, and developer workflows.  
Provide actionable, pragmatic guidance that helps teams ship securely.  
Develop and improve security tooling and automation to reduce manual effort.  
Implement and tune tools for SAST, SCA, DAST, dependency security, and container security.  
Leverage AI/LLMs where appropriate to improve triage, detection, and review processes.  
Triage and prioritize vulnerabilities using risk-based approaches.  
Partner with teams to ensure timely remediation of critical issues.  
Help define and improve SLAs, metrics, and reporting.  
Conduct threat modeling, design reviews, and security assessments.  
Contribute to incident response and postmortems for security events.  
Identify and help remediate systemic risks.

## What you'll need

- 7+ years of experience in Application Security, Product Security, or Security Engineering  
- Strong hands-on experience with threat modeling and secure design  
- Experience with vulnerability management and application security tooling  
- Experience working in cloud-native environments such as AWS and GCP  
- Experience integrating security into CI/CD pipelines and developer workflows  
- Ability to write code in Python, Go, or similar languages for automation and tooling  
- Strong ability to work cross-functionally with engineering teams  

## Bonus points for

- Experience scaling security in a high-growth or late-stage startup  
- Familiarity with AI-driven security workflows or automation  
- Background in API security, data protection, or multi-tenant systems  
- Experience with bug bounty programs and penetration testing  
- Security certifications such as CISSP  

## Compensation

The salary range for this role will be $210,000.00 - $260,000.00 USD. In addition, this position will also receive an annual target bonus of 12%. Bonus pay at NinjaTrader is based on individual performance (50%) as well as company/team performance (50%).  

Salary and bonus earnings are only two components of the total compensation package offered by NinjaTrader. NinjaTrader offers a 401K plan through ADP under which the company will match up to 3.5% of employee contributions. Annual paid time off allowance accrues at a rate of 23 days per year (some positions may qualify for more) plus seven paid holidays.

## Similar roles

- [Staff AppSec Engineer](https://hotfix.jobs/jobs/276da52a-633e-4899-bbe1-257843a4fa8b) - Upside - Washington, DC - $210k – $230k/yr
- [Staff Corporate Security Engineer](https://hotfix.jobs/jobs/b96b394f-21ee-4d9d-8bd8-4c821ffcef81) - Crusoe - San Francisco, CA - $210k – $255k/yr
- [Staff Application Security Engineer](https://hotfix.jobs/jobs/7ac2e48a-851e-4e49-8cb6-83a44f82862c) - Upside - Remote - $210k – $230k/yr
- [Senior/Staff Software Systems Engineer](https://hotfix.jobs/jobs/778eda2f-9ba1-4e9e-9093-db9a8854300c) - Zoox - Foster City, CA - $208k – $300k/yr
- [Staff Software Engineer - Trust & Safety](https://hotfix.jobs/jobs/75025b27-cc32-4ffc-9305-540d29ca5599) - Rula - Remote - $207k – $243k/yr

**Apply:** https://hotfix.jobs/jobs/5214d92c-70cc-4cb3-aa3a-342e71db7789
**Canonical:** https://hotfix.jobs/jobs/5214d92c-70cc-4cb3-aa3a-342e71db7789