Skip to content
Oneleet

Application Security Engineer

Application Security Engineer building and tuning the security judgment layer for a cybersecurity platform, integrating tooling, reducing noise, and partnering with product and engineering teams.

Beaverton, ORSecurity EngineeringRemote5+ YOE
Apply

About the role

Key Responsibilities

  • Own the integration, configuration, and output quality of security tooling that powers our platform
  • Tune outputs to maximize signal and minimize noise — decide what to surface, what to suppress, and what to enrich
  • Design rules, severity scoring, and triage flows that make findings actionable rather than overwhelming
  • Build the security judgment layer on top of underlying tooling — context-aware prioritization and exploitability reasoning
  • Partner with engineers on how findings are presented in the UI and how remediation flows work
  • Work with PM and design on roadmap priorities, providing the security expertise that drives what to build next
  • Review and shape architectural choices that affect security outcomes
  • Engage with customers directly to understand how they use the platform and what's blocking adoption
  • Benchmark our output quality against competitors and close gaps where they exist
  • Contribute back to the open source security tooling we depend on where it makes sense

Qualifications

  • 5+ years of application security experience, with significant time shipping security products
  • Strong programming skills in at least one of Go, Python, or TypeScript
  • Hands-on experience tuning security tooling for production use — reducing false positives, building suppression logic, designing severity models
  • Understanding of vulnerability research, CVE/CWE taxonomies, and exploit reasoning
  • Experience determining what makes a security finding actionable vs. just technically true
  • Excellent communication skills and comfort working directly with customers
  • Pragmatic approach to building things fast without unnecessarily complicating things
  • Experience thriving in a fast-moving, start-up engineering environment

Nice-to-Haves

  • Prior experience shipping a security product at a vendor
  • Contributions to open source security tooling
  • Offensive security background or OSCP / similar certifications
  • Hands-on experience with LLM agents, tool use, or autonomous AI systems

Skills

Application SecurityGoPythonTypeScriptSecurity ToolingVulnerability ResearchCveCweFalse Positive ReductionSeverity ScoringExploit ReasoningOpen Source Security

Similar roles

Security Engineering jobs
Vercel

Product Security Engineer

Product Security Engineer driving threat modeling, secure code review, open-source security, SDLC tooling, and bug bounty management for Vercel's web platform built on Next.js and Node.js. Requires 5+ years securing web products with strong JavaScript/Node.js and cloud security expertise.

United StatesSecurity EngineeringRemote5+ YOESASTDAST
AKASA

IT Security Operations Engineer

IT Security Operations Engineer responsible for implementing DLP, email security, endpoint protection, Okta/Google Workspace hardening, automation, compliance evidence collection, and incident response in a hybrid healthcare AI startup.

150k – 190kSan Francisco, CASecurity EngineeringHybrid4+ YOEGoDlp
Novig

Security Engineer

Build and maintain security automation pipelines, AI agents, SOAR/SIEM integrations, vulnerability management, and IAM systems for a sports prediction market platform.

150k – 200kNew York, NYSecurity EngineeringOn-site5+ YOECdkIAM
Metropolis

Security Engineer II

Security Engineer II responsible for monitoring security alerts, responding to incidents, administering enterprise security tools, and supporting cloud and identity security initiatives. Requires 3+ years in cybersecurity or related fields with strong scripting and troubleshooting skills.

105k – 150kLos Angeles, CASecurity EngineeringOn-site3+ YOEAWSmacOS
Metropolis

Security Engineer II

Security Engineer II responsible for monitoring and responding to security alerts, administering enterprise security tools, supporting vulnerability and IAM programs, and securing cloud environments. Requires 3+ years in cybersecurity or related fields and scripting experience.

115k – 160kNew York, NYSecurity EngineeringOn-site3+ YOEAWSmacOS