Staff Application Security Engineer

📋 Description

• Lead threat modeling and design reviews across the product lifecycle.
• Define security strategy and roadmaps for the Application Security program.
• Mentor product and engineering teams on secure coding and architecture.
• Develop training materials to build a foundation of security best practices.
• Lead code reviews and internal penetration testing engagements.
• Oversee vulnerability management and incident response programs.

🎯 Requirements

• 10+ years in Application Security with demonstrated impact at scale.
• Proficiency in Python and NextJS; strong software development fundamentals.
• Cloud security experience (GCP preferred) and containerization (Kubernetes).
• Deep knowledge of web app security, APIs, IAM (RBAC, ABAC), and cryptography.
• AI/ML security knowledge related to models, agents, and systems.
• Bonus: security research, cross-functional influence, and data-driven metrics.

🎁 Benefits

• Generous time off: 14 paid holidays and flexible PTO.
• Comprehensive health plans: medical, dental, and vision for all.
• Generous HSA contributions for HDHPs.
• Paid parental leave.
• 401(k) matching and retirement benefits.
• Personal device allowance and pre-tax benefits (FSA/Transit).