Skip to content
Trail of BitsTrail of BitsUnited States

Engineering Director, Application Security

Leads Application Security practice performing code audits, vulnerability research, and secure design reviews. Hands-on leader managing team, P&L, client relationships; requires 10+ years security experience and proficiency in multiple languages.

250k – 300k
Remote10+ YOESecurity Engineering

About the role

Responsibilities

  • Lead technical delivery: own quality and profitability of engagements, review findings, guide technical direction, maintain client relationships.
  • Staff and grow the practice: manage project assignments, utilization, hiring, P&L.
  • Develop engineers: support conferences, research, open source contributions.
  • Set technical direction: invest in tooling, methodology, evolve with threats.
  • Integrate AI into workflows for auditing, reporting, research.

Requirements

  • 10+ years in security with source code audits.
  • Recent hands-on security work (code review, vulnerability research, tool development).
  • Experience leading 8+ engineers with financial accountability.
  • Proficiency in at least 4 of: Rust, Go, Python, C/C++, Solidity, JavaScript/TypeScript.
  • Track record managing profitability, utilization, staffing in consulting.
  • Experience building team careers and visibility.
  • Proficiency with AI coding/analysis tools.
  • Active security community contributions.

Compensation

Base salary: $250,000 - $300,000 USD, excluding benefits and bonuses.

Skills

RustGoPythonC/C++SolidityJavaScriptTypeScriptStatic AnalysisFuzzingAI Tools
Instabase

Director, Security & Compliance

InstabaseSan Francisco, CA

Leads security, compliance (GRC), and IT operations at a SaaS company, driving roadmap, audits (SOC2, HIPAA, ISO 27001, GDPR, FedRAMP), policies, and cross-functional programs. Requires extensive compliance experience in cloud/SaaS environments.

250k – 300k
HybridSecurity Engineering
DuckDuckGo

Privacy Engineering Director

DuckDuckGoUnited States

Lead privacy engineering initiatives across private browsing, search, and agentic products. Own complex privacy projects from definition to delivery, evolve review processes, and grow privacy engineering talent.

244k – 244k
Remote10+ YOESecurity Engineering
Illumio

Director, Threat Research

IllumioSunnyvale, CA

Leads and builds a Threat Research team to analyze large-scale security datasets, uncover attacker TTPs using MITRE ATT&CK, and translate findings into product enhancements for breach detection and containment. Requires 10+ years in threat research or detection engineering with hands-on expertise and leadership experience.

227k – 272k
On-site10+ YOESecurity Engineering
Moment

Head of Security

MomentNew York, NY

Own the end-to-end security program for a fintech infrastructure company, driving strategy, compliance (SOC 2), incident response, and client-facing security reviews for institutional trading systems.

275k – 325k
On-siteSecurity Engineering
Stellar

Director, Ecosystem Product Security

StellarSan Francisco, CA +1

Leads security strategy for Stellar blockchain ecosystem and Foundation systems, raising security standards for wallets, validators, and infrastructure. Owns outcomes for high-stakes software/infrastructure, builds security team, and drives cross-team improvements. Requires 10+ years security experience with blockchain expertise.

225k – 335k
Hybrid10+ YOESecurity Engineering