Senior Security Engineer, Application Security
Trail of BitsSalary not specified
Full Time
Senior (5 to 8 years)
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
CybersecurityIndustries
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, or a related field (or equivalent experience)
- 5+ years of experience in software development with at least 2 years in secure code review or application security
- Strong understanding of secure software development lifecycle (SSDLC)
- Experience identifying and remediating vulnerabilities in code written in one or more languages (e.g., C/C++, C#, Swift, Java, JavaScript, Python)
- Familiarity with security tools such as SonarQube, Fortify, Checkmarx, Veracode, or similar
- Knowledge of OWASP Top 10, CWE/SANS 25, and CVSS scoring
- Strong analytical, communication, and documentation skills
Responsibilities
- Perform in-depth security-focused code reviews across various codebases and languages
- Identify common and advanced security vulnerabilities (e.g., injection, XSS, insecure deserialization, insecure APIs)
- Work closely with developers to educate and guide them in secure coding practices
- Recommend fixes and mitigation strategies, ensuring adherence to security standards (e.g., OWASP Top 10, CWE, NIST)
- Collaborate with security engineers, architects, and DevSecOps teams to enhance code security posture
- Maintain documentation of findings and track remediation status
- Utilize static and dynamic analysis tools to supplement manual reviews
- Participate in security audits, threat modeling, and secure code training sessions
Skills
Key technologies and capabilities for this role
Questions & Answers
Common questions about this position
Is this position remote or onsite?
This is an onsite position requiring work in an office environment, though it may involve some travel to company offices.
What experience is required for this role?
Candidates need a Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent), 5+ years of software development experience with at least 2 years in secure code review or application security, and strong understanding of SSDLC.
What programming languages should I be experienced with?
Experience identifying and remediating vulnerabilities in code written in languages such as C/C++, C#, Swift, Java, JavaScript, or Python is required.
What security knowledge is essential for this position?
A strong understanding of OWASP Top 10, CWE/SANS 25, and CVSS scoring is required, along with familiarity with security tools like SonarQube, Fortify, Checkmarx, or Veracode.
What makes a strong candidate for this role?
Strong candidates will have security certifications like OSCP, CSSLP, CEH, or GWAPT, experience in regulated environments such as finance or healthcare, and familiarity with threat modeling or penetration testing.
Threatlocker
Provides enterprise cybersecurity software solutions
About Threatlocker
ThreatLocker offers enterprise security software that protects organizations from data breaches and cyber threats. Their main product, ThreatLocker Protect, blocks untrusted software and restricts applications from running unless explicitly allowed, effectively preventing ransomware and other malicious attacks. The company stands out with its fast customer support, typically responding in under 60 seconds, and its ability to help clients comply with various regulations. ThreatLocker's goal is to improve clients' cybersecurity posture while providing cost-effective solutions.
Maitland, FloridaHeadquarters
2017Year Founded
$295MTotal Funding
SERIES_DCompany Stage
Enterprise Software, CybersecurityIndustries
501-1,000Employees
Risks
Increased competition from emerging cybersecurity startups could challenge ThreatLocker's market position.
Rapid workforce expansion may challenge ThreatLocker's company culture and operational efficiency.
Potential over-reliance on U.S. based support could be a risk in global expansion.
Differentiation
ThreatLocker specializes in Zero Trust endpoint protection and application whitelisting solutions.
Their U.S. based support team is known for quick response times under 60 seconds.
ThreatLocker Protect blocks untrusted software, preventing ransomware and malicious software exploits.
Upsides
ThreatLocker raised $115 million to drive R&D, support, and marketing efforts.
The cybersecurity market is expected to grow at a CAGR of 10.9% from 2023 to 2028.
Increased demand for Zero Trust security solutions boosts ThreatLocker's market potential.
Related Jobs
RemoteRemoteStaff Product Security Software Engineer (Remote)
QuoraSalary not specified
- Full Time
- Junior (1 to 2 years)
RemoteSoftware Engineer, Security
Render$193,000 - $265,000/year
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteSenior Security Analyst, Vulnerability Management
VantaSalary not specified
RemoteSenior System Software Engineer - DevSecOps
NVIDIASalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteCode Edit Disputes Medical Coder
HumanaSalary not specified
RemoteSenior Program Analysis Engineer, Code
SemgrepSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSenior Software Engineer, Secure Agents
CohereSalary not specified
- Full Time
- Senior (5 to 8 years)
RemoteSenior Vulnerability Manager
Keeper SecuritySalary not specified
RemoteBlockchain Security Expert - Anti Defect Track
CertikSalary not specified
- Full Time
- Junior (1 to 2 years)
RemoteCoding Client Success Specialist
WellSkySalary not specified
- Full Time
- Mid-level (3 to 4 years)
RemoteSenior Application Security Engineer
M&T BankSalary not specified
- Full Time
- Senior (5 to 8 years), Expert & Leadership (9+ years)
RemoteLead Instructor, Cybersecurity - Spring 2026
CodePathSalary not specified