Senior Application Security Engineer
M&T BankSalary not specified
Full Time
Senior (5 to 8 years), Expert & Leadership (9+ years)
Not SpecifiedCompensation
Mid-level (3 to 4 years), Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
FinTech, Financial ServicesIndustries
Requirements
- Deep experience in application security testing, penetration testing, and code review
- Hands-on experience with security testing tools (e.g., Burp Suite, OWASP ZAP, Snyk)
- Knowledge of implementing SAST, DAST, and SBOM/SCA tooling in CI/CD workflows
- Familiarity with Terraform and infrastructure-as-code security
- Experience developing in strongly typed language (e.g. Rust, C++, Java)
- Strong communication skills for collaborating with developers, product teams, and leadership
- Applied knowledge of threat modeling, cryptography, and vulnerability management
- Understanding of security frameworks such as SOC2, CIS, ISO 27001/42001, or NIST CSF
- Thrive in fast-paced environments, high-intensity, ambitious, curious, self-directed, and autonomous
Responsibilities
- Perform dynamic security reviews, threat modeling, and penetration testing of applications and APIs
- Own the end-to-end implementation of automated security reviews within Rogo’s SDLC
- Contribute directly to code by fixing and remediating vulnerabilities found in SDLC scans (SAST, DAST, SCA, IaC, etc.)
- Design and implement security tools and automation that streamline workflows and integrate with our platform
- Review and secure cloud infrastructure, including hands-on Terraform and other infrastructure-as-code changes
- Build and maintain test environments and simulation ranges to validate security controls at scale
- Partner with engineers across the company to embed secure coding practices into CI/CD pipelines
- Maintain secure coding standards and deliver training to developers
- Respond to incidents, perform root cause analysis, and improve defenses against recurring risks
- Work with our enterprise Bug Bounty program to triage and resolve reported vulnerabilities
- Share emerging security threats, insights, and best practices with engineering teams and leadership
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
Is this position remote or onsite?
This is an onsite position.
What salary or compensation does this role offer?
This information is not specified in the job description.
What key skills are required for this Security Engineer role?
The role requires deep experience in application security testing, penetration testing, and code review, along with hands-on experience with security testing tools such as Burp Suite, OWASP ZAP, and Snyk.
What is the company culture like at Rogo?
Rogo fosters a culture where security is a shared responsibility, with collaboration across development teams and leadership to integrate security into everyday workflows.
What makes a strong candidate for this Security Engineer position?
A strong candidate will have deep hands-on experience in application security testing, penetration testing, code review, and using tools like Burp Suite, OWASP ZAP, and Snyk.
Rogo
Generative AI platform for financial institutions
About Rogo
Rogo provides a secure generative AI platform tailored for elite financial institutions, including investment banks, hedge funds, and asset management companies. The platform utilizes advanced large language models to search, analyze, and cite millions of documents, significantly reducing the time spent on manual research. This allows junior team members to focus on more valuable tasks while enabling executives to quickly access critical information. Rogo's business model centers on customizing its AI solutions to meet the specific needs of each client, ensuring that the platform understands the unique language and data of their operations. Revenue is generated through subscription fees and additional services like customization and support. The main goal of Rogo is to enhance productivity and decision-making in financial institutions, helping them save time, improve insights, and automate workflows.
New York City, New YorkHeadquarters
2021Year Founded
$29.2MTotal Funding
SERIES_ACompany Stage
Fintech, AI & Machine LearningIndustries
11-50Employees
Risks
Increased competition from established fintech companies like Palantir and Bloomberg.
Potential over-reliance on third-party data providers like Quartr.
Regulatory scrutiny on AI-driven financial platforms is intensifying.
Differentiation
Rogo offers a bespoke AI solution tailored to each financial institution's needs.
The platform integrates and analyzes data from both internal and external sources.
Rogo's AI can search, analyze, and cite millions of documents efficiently.
Upsides
Rogo raised $18.5M in Series A funding led by Khosla Ventures.
Partnership with Quartr enhances Rogo's analysis tools for investment bankers.
Rogo's AI automates workflows, saving time and improving decision-making.
Related Jobs
RemoteRemoteSecurity Engineer, Cloud Security
Red Cell PartnersSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSoftware Engineer, Security
Render$193,000 - $265,000/year
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemotePrincipal DevSecOps Engineer
Second Front SystemsSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteDetection & Response Engineer III - NG-SIEM (Remote)
CrowdstrikeSalary not specified
RemoteSecurity Engineer, Infrastructure Security
OpenAI$292,500 - $405,000/year
- Full Time
- Junior (1 to 2 years)
RemoteSales Engineer - Federal
SpyCloudSalary not specified
- Full Time
- Expert & Leadership (9+ years)