# Security Engineer, Application Security

**Company:** [OpenAI](https://hotfix.jobs/companies/openai)
**Location:** San Francisco, CA, Seattle, WA, New York, NY
**Role:** Security Engineering
**Salary:** $260k – $385k/yr
**Skills:** Burp Suite, Owasp Zap, Python, Java, C++, Threat Modeling, Penetration Testing, Secure Coding, Vulnerability Management, Incident Response
**Posted:** 2024-10-02

> Identifies and mitigates application security vulnerabilities through code reviews, penetration testing, and security assessments. Collaborates with development teams to integrate secure coding practices and provides guidance on threats and remediation.

## Job Description

## Responsibilities
- Perform security assessments: Conduct regular security assessments, code reviews, and penetration testing to identify vulnerabilities in applications and software.
- Develop and implement security tools: Design, develop, and implement security tools, frameworks, and methodologies to protect applications against security threats.
- Collaborate with development teams: Work closely with development teams to ensure security best practices are integrated throughout the software development lifecycle (SDLC), including secure coding guidelines.
- Threat modeling and risk assessment: Conduct threat modeling and risk assessments to proactively identify potential risks and develop mitigation strategies.
- Vulnerability management: Track, analyze, and manage vulnerabilities in applications, providing guidance and support for remediation efforts.
- Incident response support: Assist in investigating, analyzing, and responding to security incidents related to applications, ensuring timely resolution and documentation of incidents.
- Stay current on security trends: Continuously stay updated on the latest security threats, vulnerabilities, and technologies to enhance security measures in applications.

## Requirements
- Extensive experience in information security, cybersecurity, or a related field.
- Deep understanding of security technologies, tools, and best practices, including secure coding practices, threat modeling, risk assessments, and incident response.
- Experience in application security, software development, or related areas with a strong understanding of secure coding practices and application security frameworks.
- Proficiency in programming languages (such as Python, Java, C++).
- Knowledge of security tools (e.g., Burp Suite, OWASP ZAP).
- Familiarity with security protocols and encryption methods.
- Strong written and verbal communication skills.

## Similar roles

- [Security Engineer, Product](https://hotfix.jobs/jobs/47043362-7c92-4270-bfc9-0cbe660fee61) - Ramp - New York, NY - $258k – $355k/yr
- [Security Research Manager, Coverage Team](https://hotfix.jobs/jobs/fb4bce47-507b-42f1-8efe-bc431be4eb91) - Semgrep - San Francisco, CA - $255k – $319k/yr
- [Offensive Security Engineer](https://hotfix.jobs/jobs/b1f01097-22de-4843-b162-2e2172b9d382) - Perplexity - San Francisco, CA - $250k – $350k/yr
- [Safeguards Enforcement Analyst, Account Takeover & Credential Abuse](https://hotfix.jobs/jobs/31f5d0ec-9b31-4419-a4b1-2e826ec7a358) - Anthropic - San Francisco, CA - $245k – $285k/yr
- [Security Engineer, Detection & Response](https://hotfix.jobs/jobs/f9c29ac7-c370-4fa3-a943-0dadcf763dae) - Scale AI - New York, NY - $238k – $297k/yr

**Apply:** https://hotfix.jobs/jobs/fd30f2c2-6ff0-41ef-9112-fcddf742f40f
**Canonical:** https://hotfix.jobs/jobs/fd30f2c2-6ff0-41ef-9112-fcddf742f40f