# Application Security Engineer
**Company:** [Oneleet](https://hotfix.jobs/companies/oneleet)
**Location:** Remote
**Experience:** 5+ years
**Skills:** Application Security, Go, Python, TypeScript, Security Tooling, Vulnerability Research, Cve, Cwe, False Positive Reduction, Severity Scoring, Exploit Reasoning, Open Source Security
**Posted:** 2026-05-28
> Application Security Engineer building and tuning the security judgment layer for a cybersecurity platform, integrating tooling, reducing noise, and partnering with product and engineering teams.
## Job Description
## Key Responsibilities
- Own the integration, configuration, and output quality of security tooling that powers our platform
- Tune outputs to maximize signal and minimize noise — decide what to surface, what to suppress, and what to enrich
- Design rules, severity scoring, and triage flows that make findings actionable rather than overwhelming
- Build the security judgment layer on top of underlying tooling — context-aware prioritization and exploitability reasoning
- Partner with engineers on how findings are presented in the UI and how remediation flows work
- Work with PM and design on roadmap priorities, providing the security expertise that drives what to build next
- Review and shape architectural choices that affect security outcomes
- Engage with customers directly to understand how they use the platform and what's blocking adoption
- Benchmark our output quality against competitors and close gaps where they exist
- Contribute back to the open source security tooling we depend on where it makes sense

## Qualifications
- 5+ years of application security experience, with significant time shipping security products
- Strong programming skills in at least one of Go, Python, or TypeScript
- Hands-on experience tuning security tooling for production use — reducing false positives, building suppression logic, designing severity models
- Understanding of vulnerability research, CVE/CWE taxonomies, and exploit reasoning
- Experience determining what makes a security finding actionable vs. just technically true
- Excellent communication skills and comfort working directly with customers
- Pragmatic approach to building things fast without unnecessarily complicating things
- Experience thriving in a fast-moving, start-up engineering environment

## Nice-to-Haves
- Prior experience shipping a security product at a vendor
- Contributions to open source security tooling
- Offensive security background or OSCP / similar certifications
- Hands-on experience with LLM agents, tool use, or autonomous AI systems
**Apply:** https://hotfix.jobs/jobs/application-security-engineer-at-oneleet-7e0684d3-9196-4a3a-b709-830cc9cf8454
**Canonical:** https://hotfix.jobs/jobs/application-security-engineer-at-oneleet-7e0684d3-9196-4a3a-b709-830cc9cf8454