# Staff Application Security Engineer

**Company:** [Ironclad](https://hotfix.jobs/companies/ironclad)
**Location:** San Francisco, CA
**Role:** Security Engineering
**Salary:** $170k – $190k/yr
**Skills:** Burp Suite, Appscan, Nessus, TypeScript, JavaScript, AWS, GCP, Azure, Kubernetes, Terraform, Snyk, Checkmarx, Veracode, Owasp Top 10, CI/CD
**Posted:** 2026-04-08

> Leads application security assessments, vulnerability testing, and secure coding practices for a SaaS platform. Requires 3+ years in app sec or software dev, proficiency in TypeScript/JavaScript, security tools like Burp Suite, and cloud experience.

## Job Description

## Roles & Responsibilities
- Develop and implement secure coding practices, procedures, and standards for software development teams.
- Conduct application security assessments and vulnerability testing to identify and mitigate risks.
- Perform security reviews of code changes and ensure that security issues are addressed.
- Collaborate with cross-functional teams to remediate software vulnerabilities and implement secure coding practices.
- Integrate security review processes into Ironclad’s CI/CD pipeline.
- Conduct threat modeling and risk analysis to protect sensitive data.
- Provide domain expertise on protective controls including system, network, encryption, and authentication services.
- Work closely with members of the SRE, Development, IT, and Security teams to drive impactful changes to Ironclad’s cybersecurity posture.
- Work closely with the risk and governance teams to implement compliance and security requirements.
- Contribute to secure coding and other cybersecurity training programs.
- Stay up-to-date with the latest security trends, vulnerabilities, and attack techniques.
- Provide technical leadership and mentorship to other members of the engineering and security teams.

## Key Skills
- BA/BS/MS in Computer Science or related field or equivalent experience.
- 3+ Years of experience working in application security or software development, preferably with SaaS companies or in regulated fields.
- In-depth knowledge of application security concepts and practices, including **OWASP Top 10** and **SANS Top 25**.
- Experience with security testing tools such as **Burp Suite**, **AppScan**, and **Nessus**.
- Strong proficiency in either **Typescript** or **Javascript**.
- Experience operating in any cloud provider (**AWS**, **GCP**, **Azure**, **Digital Ocean** etc.).
- Ability to appropriately prioritize and respond to different escalations.
- Experience working collaboratively with cross-functional teams.
- Strong desire to take ownership of problems.
- Comfort working in a rapidly evolving environment and dealing with ambiguity.
- Excellent communication, analytical and problem-solving skills.
- Team and goal-oriented.
- High output, low ego.

## Nice to Have
- AI penetration testing.
- Experience with **git** and software branching and workflow strategies.
- Experience working with modern, microservice architectures including in **Kubernetes** or other containerized environments.
- Experience with enterprise observability platforms such as **ELK**, **Datadog**, **Prometheus**, **Grafana**, etc.
- Knowledge of **Terraform** or other infrastructure-as-code and configuration management solutions.
- Experience with **SOC 2**, **ISO 27001**, **NIST**, and **CIS** standards and frameworks.
- Experience with **SAST** and **SCA** tools such as **Snyk**, **Checkmarx**, **Veracode**, **WhiteSource**, or **Black Duck**.

## Compensation
**Base Salary Range: $170,000 - $190,000**

## Similar roles

- [Sr. Staff System Security Engineer](https://hotfix.jobs/jobs/50fb66cc-9ede-4741-a21c-d4699d9986af) - Shield AI - Dallas, TX - $170k – $250k/yr
- [Staff IAM Engineer](https://hotfix.jobs/jobs/7a722d47-b173-4ffc-9981-f10ed9f3ce9c) - Ironclad - San Francisco, CA - $170k – $190k/yr
- [Staff Risk Analyst](https://hotfix.jobs/jobs/4cda1e53-3f5f-4061-942a-18998b2b4c45) - Earnin - Remote - $170k – $210k/yr
- [Staff Software Engineer, Security Engineering](https://hotfix.jobs/jobs/83d0a0d7-f8a1-4017-a1ae-e2a9ead881e0) - Okta - Bellevue, WA - $174k – $239k/yr
- [Staff GRC Engineer](https://hotfix.jobs/jobs/f6da6721-0570-4815-bd0b-c83a342c4241) - ezCater - Remote - $165k – $210k/yr

**Apply:** https://hotfix.jobs/jobs/ff55e746-da79-4e09-8b3c-ffd76fd9911c
**Canonical:** https://hotfix.jobs/jobs/ff55e746-da79-4e09-8b3c-ffd76fd9911c