Skip to content
OpenAIOpenAISan Francisco, CA

Security Engineer, Application Security

Identifies and mitigates application security vulnerabilities through code reviews, penetration testing, and security assessments. Collaborates with development teams to integrate secure coding practices and provides guidance on threats and remediation.

260k – 385k/yr
HybridSecurity Engineering

About the role

Responsibilities

  • Perform security assessments: Conduct regular security assessments, code reviews, and penetration testing to identify vulnerabilities in applications and software.
  • Develop and implement security tools: Design, develop, and implement security tools, frameworks, and methodologies to protect applications against security threats.
  • Collaborate with development teams: Work closely with development teams to ensure security best practices are integrated throughout the software development lifecycle (SDLC), including secure coding guidelines.
  • Threat modeling and risk assessment: Conduct threat modeling and risk assessments to proactively identify potential risks and develop mitigation strategies.
  • Vulnerability management: Track, analyze, and manage vulnerabilities in applications, providing guidance and support for remediation efforts.
  • Incident response support: Assist in investigating, analyzing, and responding to security incidents related to applications, ensuring timely resolution and documentation of incidents.
  • Stay current on security trends: Continuously stay updated on the latest security threats, vulnerabilities, and technologies to enhance security measures in applications.

Requirements

  • Extensive experience in information security, cybersecurity, or a related field.
  • Deep understanding of security technologies, tools, and best practices, including secure coding practices, threat modeling, risk assessments, and incident response.
  • Experience in application security, software development, or related areas with a strong understanding of secure coding practices and application security frameworks.
  • Proficiency in programming languages (such as Python, Java, C++).
  • Knowledge of security tools (e.g., Burp Suite, OWASP ZAP).
  • Familiarity with security protocols and encryption methods.
  • Strong written and verbal communication skills.

Skills

Burp SuiteOwasp ZapPythonJavaC++Threat ModelingPenetration TestingSecure CodingVulnerability ManagementIncident Response
Ramp

Security Engineer, Product

RampNew York, NY +1

Builds security primitives, platform mitigations, and leads vulnerability remediation for Ramp's financial platform. Partners with engineers for secure-by-design solutions. Requires 5+ years software experience, 2+ years in security/infrastructure.

258k – 355k/yr
Hybrid5+ YOESecurity Engineering
Semgrep

Security Research Manager, Coverage Team

SemgrepSan Francisco, CA +4

Leads a team of security researchers to develop high-quality detection rules for secrets, code, and supply chain vulnerabilities. Drives roadmap, automation with AI, and improves coverage accuracy; requires 5+ years security tech lead experience and 2+ years people management.

255k – 319k/yr
Hybrid5+ YOESecurity Engineering
Perplexity

Offensive Security Engineer

PerplexitySan Francisco, CA +1

Offensive Security Engineer conducts red team operations, penetration testing, and AI/ML attack simulations on cloud infrastructure, applications, and pipelines. Requires 5+ years experience in offensive security, expertise in cloud/web/K8s security, and custom tooling in Python/Go.

250k – 350k/yr
Hybrid5+ YOESecurity Engineering
Anthropic

Safeguards Enforcement Analyst, Account Takeover & Credential Abuse

AnthropicSan Francisco, CA +2

Safeguards Enforcement Analyst focused on account takeover and credential abuse. Investigate compromise incidents, design remediation workflows, partner with engineering on detection, enforce AI usage policies, and develop scalable enforcement programs for platform safety.

245k – 285k/yr
HybridSecurity Engineering
Scale AI

Security Engineer, Detection & Response

Scale AINew York, NY +3

Senior Security Engineer focused on building detection systems, incident response automation, and maturing telemetry pipelines across cloud environments. Requires 5+ years in detection engineering or security operations and production-grade coding skills.

238k – 297k/yr
On-site5+ YOESecurity Engineering