Senior Security Engineer, Application Security
Trail of BitsSalary not specified
Full Time
Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Energy, BiotechnologyIndustries
Requirements
Candidates must have a minimum of 5 years of application security experience, with practical and production-level implementation experience in Django/Python with a security focus. An engineering background (software or DevOps/SRE) is required, enabling the ability to read/modify code, review pull requests, and build proof-of-concepts. Experience with GitHub security, including static code scan review, triage, noise elimination, and remediation driving, is essential. The role requires experience embedding secure SDLC into Git-based workflows and CI/CD, practical knowledge of SOC 2 and familiarity with NIST 800-53, and the ability to translate requirements into technical tasks and evidence. Proficiency in operating across code, application, and DevOps domains (containers, IaC basics, secrets, logging/monitoring) is necessary, along with clear, persuasive communication (verbal and written), prioritization skills, and excellent time management with a proven ability to meet deadlines.
Responsibilities
The Senior Application Security Engineer will manage security and risk for internally developed applications, making risk-based decisions and recommending/validating controls. Responsibilities include contributing to the application security roadmap, consulting with engineers on requirements and adoption, conducting security-focused pull request reviews, and serving as a steward for SAST/scanning by triaging findings and driving remediation. The engineer will build reference implementations in Django/Python for security patterns, map SOC 2/NIST requirements to engineering work, and perform threat modeling and architecture reviews to document secure patterns. They will oversee security tasks within the SDLC, collaborate with developers and leads, act as a liaison between business security/privacy/compliance requirements and development teams, and participate as a subject matter expert in security architecture. The role involves recommending application security improvements based on best practices and OWASP standards, reviewing code changes for security impact, ensuring compliance with company security policies, and managing all security-related tickets.
Skills
Application Security
Risk Management
Security Controls
SAST
Django
Python
DevOps
Pull Request Reviews
Authentication
Input Validation
Secrets Management
Rate Limiting
Geo-based Access
SOC 2
NIST
Energy Solutions
Provides market-based energy and environmental solutions
About Energy Solutions
Energy Solutions focuses on creating large-scale environmental impacts through cost-effective solutions for carbon, energy, and water management. The company works with energy providers, government agencies, and businesses to improve their environmental footprint by offering expertise in energy efficiency, demand management, distributed energy resources, and clean transportation. Their approach involves identifying new technologies and collaborating with partners to accelerate market adoption and establish quality standards. Energy Solutions generates revenue by providing market-driven programs that help clients achieve energy savings and comply with regulations. With over 20 years of experience, the company is known for its reliability and commitment to meeting client needs while delivering significant energy savings and environmental benefits.
Oakland, CaliforniaHeadquarters
1995Year Founded
VENTURE_UNKNOWNCompany Stage
Energy, Social ImpactIndustries
201-500Employees
Benefits
Health Insurance
Dental Insurance
Vision Insurance
401(k) Retirement Plan
Company Equity
Remote Work Options
Paid Sick Leave
Paid Holidays
Paid Vacation
Risks
Emerging startups with advanced technologies increase competition in the clean energy sector.
Potential regulatory changes could impact program offerings and require adjustments.
Rising costs of raw materials may affect pricing strategy and profit margins.
Differentiation
Over 25 years of experience in energy and environmental management solutions.
Strong partnerships with governments to establish quality standards for new technologies.
Focus on market-driven, scalable solutions for significant environmental impact.
Upsides
Increased demand for energy management due to smart grid technology adoption.
Opportunities in clean transportation and carbon management from green hydrogen rise.
Growing corporate sustainability commitments boost demand for energy efficiency services.
Related Jobs
RemoteRemoteDevSecOps Engineer
OddballSalary not specified
- Full Time
- Mid-level (3 to 4 years), Senior (5 to 8 years)
RemoteApplication Security Architect
WorkwaveSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Software Security Engineer
Muon SpaceSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteDjango/Python Developer
Research Innovations$74,000 - $175,000/year
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteApplication Security Engineer (Senior level)
KustomerSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteDevOps Lead Architect
Aura$145,000 - $170,000/year
- Full Time
- Senior (5 to 8 years)
RemoteSenior Software Engineer, Secure Agents
Cohere$150,000 - $220,000/year
- Full Time
- Senior (5 to 8 years), Junior (1 to 2 years)
RemoteSenior Engineer, App Security
HealthieSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteStaff Technical Program Manager, Security Engineering
1PasswordSalary not specified
- Full Time
- Expert & Leadership (9+ years)
RemoteSenior Security Engineer
BraceSalary not specified
- Full Time
- Senior (5 to 8 years)