Remote Application Security Engineer Jobs

- 5+ years of career experience in IT or Engineering with a security focus - Passion for and strong experience with bug bounty programs, vulnerability research, validation, remediation, or pentesting - Experience with internal tool development and engineering enablement - Strong foundational understanding of software development principles, comfortable reading and writing code - Works well in a team environment with positive communications amongst a variety of technical and non-technical stakeho…

- Minimum of 5 years' experience in application security - Practice and implementation with Django/Python with a clear application-security focus (production experience and impact, not theory) - Engineering background (software or DevOps/SRE) with the ability to read/modify code, review PRs, and build PoCs - Experience with GitHub security, including reviewing static code scans, triage findings, eliminate noise, and drive remediation with owners - Experience embedding secure SDLC into Git-based …

Candidates must possess a Bachelor's degree and a minimum of 3 years of relevant work experience, or a combined minimum of 7 years of higher education and/or work experience, including at least 5 years in software development or application security. Prior experience reviewing or fixing vulnerabilities identified using application security tools like SAST, SCA, IAST, and dynamic application security testing is required. Proficiency in using multiple cybersecurity tools specific to the function i…

Candidates should possess extensive experience in software security, demonstrating the ability to identify and mitigate application and system-level vulnerabilities in code. Strong knowledge of application security principles, secure coding practices, and vulnerability assessment methodologies is required. Experience with low-level code analysis, system architecture, and security boundaries is also necessary.

- Experience with AI Security Innovation, leveraging LLMs for code analysis and vulnerability pattern recognition - Experience conducting comprehensive security assessments across diverse technology stacks (web applications, cloud-native architectures, mobile platforms, system-level software) - Experience identifying critical vulnerabilities in authentication systems, API security, access controls, and platform security mechanisms - Experience leading sophisticated threat modeling exercises and …

- Bachelor's degree and a minimum of 3 years’ relevant work experience, or in lieu of a degree, a combined minimum of 7 years’ higher education and/or work experience, including a minimum of 5 years software development or application security - Prior experience reviewing or fixing vulnerabilities identified using application security tools such as static application security testing (SAST), software composition analysis (SCA), interactive application security testing (IAST), dynamic application…

- 6+ years of experience in security engineering, DevSecOps, or related roles - Experience at scale, including experience with web app security (OWASP Top 10, API security, auth flows, input validation) - Strong programming skills (Python, Go, or JavaScript) to build tools, write secure code, and contribute to developer libraries - Experience integrating security into modern SDLC pipelines - Hands-on with AppSec tooling (Snyk, OWASP ZAP, Burp Suite, SonarQube, Checkmarx, etc.) - Solid understand…

Candidates must have a minimum of 4 years of relevant experience in application security, acquired through educational qualifications in computer science, Cyber Security, or a related field. A proven track record in developing cloud-hosted applications with a focus on security using languages like C#, Java, Python, .Net, and databases such as MongoDB, SQL Server, and Oracle is required. Strong understanding of cloud architectures (AWS/Azure/GCP), operating security tools (SAST, SCA, DAST), user …

- 5+ years of experience developing or securing web-based applications - Experience with modern Javascript (Node.JS, ES6 and TypeScript) and front-end frameworks (Ember, Angular, React, Vue, etc.) - Experience with leading threat modeling and secure design reviews - Experience with security assessment tools (SCA, SAST, DAST) such as Qualys, SonarCloud, Prisma or similar is a plus - Docker & Kubernetes - Excellent organization, time management, and attention to detail - Must be action-oriented an…

- Experience creating, building, or scaling an application security program in a cloud-first organization - Primary coding language: Javascript (NodeJS/Typescript) and Python - Experience with threat modeling and architecture reviews - Experience working with engineering and technical leadership to build security processes like vulnerability management - Deep understanding of web and API-based security vulnerabilities

- 3+ years in a product security role - 3+ years of software development - Proficiency in threat modeling - Proficiency in C - Knowledge of common vulnerability classes - Experience in static code analysis - Ability to travel to Yubico’s other offices two times per year

- Bachelor's degree in computer science or another equivalent degree - 8+ years of hands-on experience in Application, Cloud, or Product Security roles, with lead or staff-level responsibilities - Deep expertise in AWS security architecture and service hardening - Advanced programming and scripting ability in Python (Bash or Go a plus) - Proven experience with offensive security: hacking, exploit analysis, or red team operations - Strong foundation in vulnerability management, threat modeling, a…

Candidates must be experienced security leaders with a proven track record in building and scaling Product Security functions. A strong understanding of Application Security, including Bug Bounty, Vulnerability Management, and secure SDLC programs, is essential. Experience leading Data and Device Security initiatives and building Security Research teams is required. The role demands people leadership skills, including managing individual contributors and managers, providing feedback, and fosteri…

- 5+ years of experience in a hands-on security engineering role - Experience in regulated industries (e.g., healthcare, fintech) and startup environments - Strong experience with Infrastructure as Code (Terraform) - Deep practical knowledge of AWS security principles and IAM - Proficiency in a scripting language (e.g., Python) - Solid understanding of application security and experience with tools like GitHub Advanced Security - Proven experience enhancing secrets management programs - Familiar…

- 6+ years of software engineering experience with 3+ years in security engineering, application security, or infrastructure security roles - Deep cloud security expertise with AWS, Kubernetes, and cloud-native security tools - Experience securing containerized environments - Strong application security background including secure code review, vulnerability assessment, penetration testing, and familiarity with OWASP Top 10 and common attack vectors - Infrastructure security experience with netwo…