# Senior/Staff Application Security Engineer
**Company:** [Abridge](https://hotfix.jobs/companies/abridge)
**Location:** San Francisco, CA, New York, NY, Pittsburgh, PA
**Salary:** $214K-$252K
**Experience:** 7+ years
**Skills:** Threat Modeling, Secure Code Review, Penetration Testing, Kubernetes, GCP, Python, Next.js, IAM, RBAC, Abac, Applied Cryptography, Ai Security, Ml Security, Vulnerability Management, SDLC
**Posted:** 2025-04-14
> Leads application security initiatives including threat modeling, secure code reviews, penetration testing, and vulnerability management for AI healthcare platform. Mentors engineering teams on secure practices with 7+ years experience in AppSec, cloud, and AI security.
## Job Description
## What You’ll Do

### Secure Development & Architecture Leadership
- Lead Threat Modeling and Design Reviews: Impact the product from ideation through to code that is shipping to production. Conduct advanced threat modeling and security architecture reviews for complex systems, new products, and platform initiatives, providing expert guidance and requirements to meet Abridge’s security goals.
- Define Security Strategy: Define and implement the technical roadmap for the Application Security program, focusing on scalable assurance, proactive security measures, and setting clear standards and guardrails.
- Mentor and Enable: Act as a subject matter expert and trusted advisor to product and engineering teams, providing mentorship on security features, product defense, secure coding practices, application architecture, and vulnerability remediation strategies.
- Conduct Training & Awareness: Develop training materials for engineers to build a foundation of security best practices across the engineering organization.

### Vulnerability Management & Incident Response
- Code and Security Reviews: Perform and lead in-depth secure code reviews (both manual and tool-assisted) to identify complex security vulnerabilities and flaws, including logic and authorization vulnerabilities that automated tools often miss. Get hands on with assessing AI models, agents, and architectures.
- Internal Penetration Testing: Lead internal penetration testing engagements for net new products and historical systems identify security risks across our environment.
- Vulnerability Program Oversight: Design and enhance the end-to-end vulnerability management program for Abridge’s products and applications, ensuring timely identification, prioritization, and remediation of critical security issues while doing so in as developer-friendly a way as possible.
- Security Incident Response: Serve as an expert on Abridge’s products and applications for the security incident response team, assisting in investigating and resolving security events and incidents.
**Apply:** https://hotfix.jobs/jobs/senior-staff-application-security-engineer-at-abridge-e499d5cb-93ed-4cf1-b242-d106d421e845
**Canonical:** https://hotfix.jobs/jobs/senior-staff-application-security-engineer-at-abridge-e499d5cb-93ed-4cf1-b242-d106d421e845