Senior Application Security Engineer

📋 Description

• Own and improve Apollo's secure SDLC across apps.
• Perform app security reviews, threat modeling, and code-level analysis.
• Provide security architecture guidance to Eng, Product, and IT teams.
• Define AppSec guardrails, secure design standards, and risk models.
• Lead vulnerability management across reviews, bug bounty, and pentests.
• Execute hands-on validation and red-team testing to verify fixes.

🎯 Requirements

• 5+ years in software engineering or AppSec with hands-on SaaS depth
• Strong coding ability; Ruby valuable; Python scripting a plus
• Linux and cloud fundamentals; GCP experience preferred
• Deep familiarity with AppSec issues: auth, access control, crypto, and tooling
• Deep code review, pentesting, and exploit validation experience
• Experience handling bug bounty, pentests, or internal reviews
• Experience using AI-assisted tools to scale security workflows

🎁 Benefits

• Equity and potential company bonus or commissions
• 401(k) plan
• 10+ paid holidays and flex PTO
• Parental leave and wellbeing programs
• Global travel coverage and life/AD&D/STD/LTD insurance
• FSA/HSA with medical, dental, vision benefits