Jobs · Information Technology

Sr. Security Engineer

Jobgether · United States · 4 days ago
RemoteRemoteInformation TechnologyFull-time

About the role

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Sr. Security Engineer based in United States. This role offers the opportunity to strengthen security practices across a rapidly growing technology platform.

Responsibilities

  • Lead application security assessments, threat modeling sessions, and secure code reviews for new features and major product changes.
  • Manage and improve security testing programs, including SAST, DAST, SCA, and application security posture management tooling.
  • Review, prioritize, and coordinate remediation of security findings with engineering teams.
  • Plan and execute penetration testing activities across web applications, APIs, and mobile applications while supporting third-party assessments.
  • Own the vulnerability management lifecycle, from discovery and prioritization through remediation validation.
  • Develop secure coding standards, security guidelines, and training resources to improve developer awareness.
  • Integrate security tools into CI/CD pipelines and promote shift-left security practices across the software development lifecycle.
  • Investigate security incidents, vulnerability reports, and bug bounty submissions while providing root cause analysis and remediation recommendations.
  • Collaborate with product and engineering teams on security architecture decisions and secure implementation strategies.
  • Monitor emerging threats, vulnerabilities, and attack techniques to continuously improve security capabilities.
  • Leverage AI tools and automation approaches to improve security workflows, including threat modeling, vulnerability analysis, exploit validation, and risk prioritization.

Requirements

  • Strong application security experience combined with offensive security skills and the ability to communicate effectively across technical and business teams.
  • 5+ years of experience in application security with hands-on experience across secure software development lifecycle practices and offensive security testing.
  • A strong understanding of web application and API security principles, including OWASP, MITRE, CIS frameworks, and modern attack techniques.
  • Experience operating and managing security testing tools such as SAST, DAST, SCA, or ASPM platforms.
  • Proficiency in scripting or programming languages such as Python, JavaScript, Go, Ruby, or similar for code reviews and security tooling development.
  • Experience designing and executing penetration tests against modern web and mobile applications.
  • Knowledge of cloud security concepts, preferably with AWS experience, along with familiarity with GCP, OVH, containers, and Kubernetes security.
  • Experience working in compliance-focused environments such as SOC 2 or similar regulated frameworks.
  • Strong written and verbal communication skills with the ability to explain technical risks to non-technical stakeholders.
  • Ability to work independently, prioritize effectively, and collaborate with distributed engineering teams.
  • Experience using AI tools to improve security operations, automate analysis, and enhance productivity is highly valued.
  • Relevant certifications such as OSCP, GWAPT, GPEN, CEH, or equivalent are a plus.

Benefits

  • Comprehensive medical, dental, and vision insurance plans with employer coverage starting on day one.
  • 401(k) retirement plan with employer matching.
  • Paid time off including holidays, vacation days, sick days, and floating holidays.
  • Employer-paid basic life insurance and accidental death & dismemberment coverage.
  • Short-term and long-term disability coverage.
  • Paid family leave.
  • Employee Assistance Program.
  • Quarterly self-care stipends.
  • Access to additional benefits including FSA, HSA, dependent care benefits, commuter benefits, supplemental insurance options, legal support, and more.
  • Remote-first work environment with flexibility and opportunities to collaborate with a distributed team.
  • Opportunity to shape security strategy and influence engineering practices as a senior security contributor.

Similar jobs

Sr. Security Engineer

Early WarningScottsdale, AZ· 2 wk ago
Information Technology$132k–$165k/yrapply on earlywarning.wd5.myworkdayjobs.com

Sr Security Engineer

MeijerMichigan, United States· 1 wk ago
Information Technologyapply on meijer.wd5.myworkdayjobs.com

Sr. IT Security Engineer

Great West, An Old Republic CompanyIowa, United States· 4 days ago
Information Technologyapply on myjobs.adp.com