Skip to content
Abridge

Senior/Staff Application Security Engineer

Leads application security initiatives including threat modeling, secure code reviews, penetration testing, and vulnerability management for AI healthcare platform. Mentors engineering teams on secure practices with 7+ years experience in AppSec, cloud, and AI security.

214k – 252kSan Francisco, CANew York, NYPittsburgh, PASecurity EngineeringHybrid7+ YOE
Apply

About the role

What You’ll Do

Secure Development & Architecture Leadership

  • Lead Threat Modeling and Design Reviews: Impact the product from ideation through to code that is shipping to production. Conduct advanced threat modeling and security architecture reviews for complex systems, new products, and platform initiatives, providing expert guidance and requirements to meet Abridge’s security goals.
  • Define Security Strategy: Define and implement the technical roadmap for the Application Security program, focusing on scalable assurance, proactive security measures, and setting clear standards and guardrails.
  • Mentor and Enable: Act as a subject matter expert and trusted advisor to product and engineering teams, providing mentorship on security features, product defense, secure coding practices, application architecture, and vulnerability remediation strategies.
  • Conduct Training & Awareness: Develop training materials for engineers to build a foundation of security best practices across the engineering organization.

Vulnerability Management & Incident Response

  • Code and Security Reviews: Perform and lead in-depth secure code reviews (both manual and tool-assisted) to identify complex security vulnerabilities and flaws, including logic and authorization vulnerabilities that automated tools often miss. Get hands on with assessing AI models, agents, and architectures.
  • Internal Penetration Testing: Lead internal penetration testing engagements for net new products and historical systems identify security risks across our environment.
  • Vulnerability Program Oversight: Design and enhance the end-to-end vulnerability management program for Abridge’s products and applications, ensuring timely identification, prioritization, and remediation of critical security issues while doing so in as developer-friendly a way as possible.
  • Security Incident Response: Serve as an expert on Abridge’s products and applications for the security incident response team, assisting in investigating and resolving security events and incidents.

Skills

Threat ModelingSecure Code ReviewPenetration TestingKubernetesGCPPythonNext.jsIAMRBACAbacApplied CryptographyAi SecurityMl SecurityVulnerability ManagementSDLC

Similar roles

Security Engineering jobs
Crusoe

Staff Software Engineer, Security

Staff Security Software Engineer designing and building scalable security infrastructure, identity systems, and compliance automation platforms. Requires 8+ years software engineering experience with deep Kubernetes, Go/Rust, and cloud platform expertise.

215k – 260kSan Francisco, CASecurity EngineeringOn-site8+ YOEGoGCP
Reddit

Staff Software Engineer, Identity & Access Management

Staff Software Engineer on the IAM team designing, delivering, and supporting digital identity, authentication, and access systems. Requires 10+ years backend experience, deep IAM expertise, and proficiency in Go/Python/Java/TypeScript.

217k – 304kUnited StatesSecurity EngineeringRemote10+ YOEGoSQL
Reddit

Staff Product Security Engineer

Leads design and delivery of secure frameworks, guardrails, and workflow-native controls to prevent vulnerabilities in production, especially for AI-assisted development. Requires 8+ years in software/product security, staff-level impact, and proficiency in Go, Python, or JS/TS.

217k – 304kUnited StatesSecurity EngineeringRemote8+ YOEGoLLMs
Databricks

Senior Staff Software Engineer - Security Infrastructure

Leads security infrastructure engineering at Databricks, plugging critical gaps in large-scale systems, with 15+ years experience in distributed systems and 9+ in data security areas like Kubernetes security and cryptography. Requires MS/PhD and strong leadership.

217k – 288kBellevue, WASecurity EngineeringOn-site15+ YOEKubernetesCryptography
Upside

Staff AppSec Engineer

Staff AppSec Engineer owning end-to-end vulnerability identification and remediation. Partner with engineering teams on secure development practices, threat modeling, and AWS security architecture while leveraging AI tools.

210k – 230kWashington, DCSecurity EngineeringHybrid6+ YOEAWSSca