Skip to content
Upside

Staff Application Security Engineer

210k – 230kWashington, DCSecurity EngineeringRemote6+ YOE
Summary

Staff-level AppSec engineer building secure coding practices and vulnerability management for a commerce platform. Requires 6+ years in application security with deep AWS and Python experience.

About the role

Responsibilities

  • Innovate with AI and deliver security solutions to mitigate application vulnerabilities
  • Run security code tests (SAST, SCA) and partner with engineers to remediate unsafe code
  • Create threat models and engage technology teams to review and document risks
  • Guide leadership on security architecture, design and best AppSec practices
  • Train and upskill engineers on safe coding and vulnerability management
  • Assist penetration testing initiatives and/or help manage bug bounties
  • Support administration of AWS Control Tower and IAM provisioning
  • Interact with the security community and keep aware of trends

Requirements

  • 6+ years of application or product security inclusive of reviewing Python code
  • Experience with innovating and delivering solutions related to vulnerability management
  • Deep knowledge of AWS and Lambda security architecture and AWS Control Tower
  • Strong understanding and adoption of AI technologies
  • Bachelor’s degree in Computer Science or Engineering highly preferred
  • Exceptional customer service and people skills

Tools

  • Github Suite (Advanced Security, Actions, Copilot)
  • Python
  • Terraform
  • AWS Lambda, DynamoDB, S3, SNS, SQS, IAM, VPCs
  • ChatGPT
  • Snowflake
  • SQL
Skills
Application SecurityPythonAWSAWS LambdaAWS Control TowerSASTSCAThreat ModelingTerraformIAM
Similar roles at this salary range
All Security Engineering jobs →
DuckDuckGo

Senior Privacy Engineer

Lead privacy engineering projects protecting user data across search, browser, and AI features. Own major privacy components, participate in audits, and mentor engineers using Go, Node.js, Python, or Perl.

179k – 179kUnited StatesSecurity EngineeringRemote5+ YOEGoPerl
DuckDuckGo

Privacy Engineering Director

Lead privacy engineering initiatives across private browsing, search, and agentic products. Own complex privacy projects from definition to delivery, evolve review processes, and grow privacy engineering talent.

244k – 244kUnited StatesSecurity EngineeringRemote10+ YOEPrivacy AuditsPrivacy Reviews
Doppel

Product Security Engineer

Product Security Engineer embedding into engineering workflows to conduct architecture reviews, threat modeling, and penetration testing coordination while serving as GCP security SME. Requires 5-7 years experience and strong GCP and Python skills.

175k – 200kUnited StatesSecurity EngineeringRemote5+ YOEGCPIAM
Instacart

Senior Product Security Engineer II

Senior security engineer focused on offensive security testing, penetration testing, and scaling security practices across Instacart's product suite. Requires 7+ years in security engineering or pentesting with experience in mobile, cloud, or AI security.

192k – 243kUnited StatesSecurity EngineeringRemote7+ YOEAI SecurityCloud Security
Crusoe

Staff Software Engineer, Security

Staff Security Software Engineer designing and building scalable security infrastructure, identity systems, and compliance automation platforms. Requires 8+ years software engineering experience with deep Kubernetes, Go/Rust, and cloud platform expertise.

215k – 260kSan Francisco, CASecurity EngineeringOn-site8+ YOEGoGCP
Apply