Principal Security Engineer, Application Security
Skills
- Effective use of GitLab and experience working in remote, asynchronous teams
- 8+ years of professional experience in Application Security or Vulnerability Research
- Expertise in detecting/remediating security defects, including race-condition and logic vulnerabilities
- Programming experience (preferred: Ruby/RoR, Go, TypeScript) and familiarity with GraphQL APIs
- Deep knowledge of OWASP Top 10, STRIDE, CVSS scoring, and Threat Modeling
- Experience with code review, threat modeling, SAST, DAST, penetration testing, and bug bounty workflows
- Strong understanding of CI/CD, supply chain, and API security risks
- Proven ability to discover and identify fixes for SQLi, XSS, CSRF, SSRF, and auth/authorization flaws
- Strong written and verbal English communication and ability to influence senior leadership
Responsibilities
- Drive resolution of systemic vulnerability classes and platform-wide mitigations
- Perform complex application security reviews, threat modeling, and attack surface analysis
- Conduct vulnerability research and create controlled proof-of-concept exploits
- Define and establish secure development practices, Paved Roads, and security standards
- Provide technical leadership during security crises and major incident response
- Contribute to long-term security architecture and strategic product design
- Coach and mentor junior engineers and influence cross-functional teams
Education
- Bachelor's degree in Computer Science or equivalent practical education (or equivalent experience)
- Technical bootcamp or equivalent hands-on training accepted
Benefits
- Benefits supporting health, finances, and well-being
- All-remote, asynchronous work environment
- Flexible paid time off
- Team Member Resource Groups
- Equity compensation and Employee Stock Purchase Plan
- Growth and development budget
- Parental leave
- Home office support
- Inclusive EEO policies and accommodation support
Average salary estimate
If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.
Build and operate core backend systems that power large-scale email ingestion and remediation for a high-impact cybersecurity platform.
Serve as a Cloud Site Reliability Engineer improving observability, automation, and platform reliability for cloud-native services running on GCP and Kubernetes.
Senior full-stack engineer needed to design and ship accessible, scalable web experiences and serverless backends for a global edtech company, based in Utah.
Momentive is hiring a Software Developer Intern to assist in designing, coding, testing, and integrating MES applications and tools to improve production data flow and automation.
Lead reliability and automation efforts for ServiceNow cloud operations in a Staff Production Service Engineer role supporting US Public Sector customers from the Orlando office.
Lead an ML engineering team at ServiceNow to build scalable cloud AI solutions that improve enterprise workflows and user experiences.
Remote-first Senior Full Stack Software Engineer needed to deliver scalable full-stack and backend solutions powering 3D design, CAD integrations, and cloud-based operational workflows across North America.
Develop and validate manufacturing software and diagnostics for electro-mechanical production systems supporting Intuitive's robotic surgical products.
Experienced full-stack engineer wanted to build and operate cloud-native applications using Node.js, React, Java Spring Boot, and Google Cloud Platform.
Lead and scale a cross-functional engineering team at Rad AI to deliver AI-powered radiology products that improve clinical outcomes and operational KPIs.
Nooks is hiring a senior backend engineer to build and scale high-throughput integrations and data pipelines for its AI Sales Assistant platform.
Lead CoinTracker's Infrastructure & Platform teams to build secure, scalable foundations that enable fast, reliable product delivery across a globally distributed engineering organization.
Join Corvus Robotics as a Senior Computer Vision / Machine Learning Engineer to build and optimize 2D/3D perception models for production autonomous inventory-tracking drones.
GitLab is a complete DevOps platform, delivered as a single application that's fundamentally changing the way Development, Security, and Ops teams collaborate and build software.
10 jobs
🔮
Hi, I'm Risa! Your AI Career Copilot
you, just ask me below!
