HiringCafe
Join our community
|
📣 HiringCafe is hiring a Founding Growth Hacker! Learn More · Apply here

National browse hub

Application Security Developer Jobs in United States

620+ application security developer jobs from 420+ companies hiring in United States.

All jobs in United States
Explore by state:California·Texas·New York·Florida·Illinois·Pennsylvania·Ohio·North Carolina·Michigan·Georgia·New Jersey·Virginia·Massachusetts·Washington·Indiana·Tennessee·Arizona·Missouri·Maryland·Wisconsin·Minnesota·Colorado·Alabama·Louisiana·South Carolina·Kentucky·Oregon·Oklahoma·Connecticut·Iowa·Mississippi·Arkansas·Kansas·Utah·Nevada·New Mexico·West Virginia·Nebraska·Idaho·Maine·New Hampshire·Hawaii·Rhode Island·Montana·Delaware·South Dakota·Alaska·North Dakota·Vermont·District of Columbia·Wyoming
625 jobs- United States
2w
Save
Mark Applied
Hide
Application Security Engineer
Lindon, Utah, United States
OnsiteFull Time
Awardco
Awardco: Software platform for employee recognition and corporate rewards programs.
6+ YOE6+ years in application security or security-focused software engineering; cloud SaaS security; OWASP Top 10; modern languages; security tooling; CI/CD integration.
SAST, DAST, Dependency scanning, Container scanning, GitHub Advanced Security, Snyk, Wiz, CI/CD pipelines
Job PostingView all
3mo
Save
Mark Applied
Hide
Application Security Engineer
Boston, Massachusetts, United States
$100k-$160k/yr HybridFull Time
HarbourVest
HarbourVest: Manages global private equity, debt, and real asset investments.
3+ YOE3-5 years in application security; secure software development; OWASP Top 10; fintech/compliance context; security certifications a plus.
SAST, DAST, SCA, CI/CD, DevSecOps, Cloud Platforms, Containers, Infrastructure as Code, Cursor, GitHub Copilot, ChatGPT Codex
Job PostingView all
2mo
Save
Mark Applied
Hide
Application Security Engineer
New York, New York, United States
$110k-$140k/yr HybridFull Time
Versana
Versana: Real-time data platform for the syndicated loan market.
3+ YOE3+ years in software development and/or application security; secure coding in Python/Java/JavaScript/TypeScript/Go/C#; knowledge of OWASP and cloud basics; experience with security tooling.
Python, Java, JavaScript, TypeScript, Go, C#, OWASP, SAST, SCA, DAST, SBOM, CNAPP, WAF, Terraform, cloud services, container security, secret management
Job PostingView all
2mo
Save
Mark Applied
Hide
Application Security Engineer
Boulder, Colorado, United States
$96k-$146k/yr OnsiteFull Time
SciTec
SciTec: Provides advanced remote sensing and missile defense technology solutions.
2+ YOEBachelor’s degree plus 2+ years in cybersecurity or software development; 2+ years in application security; ability to obtain DoD/DoE Secret clearance.
Static analysis tools, SAST, SCA, Fuzzing tools, Coverity, Klocwork, SonarQube, Snyk, Sonatype, Anchore, JFrog Xray, AFL, honggfuzz, strace, eBPF, Ghidra, IDA Pro
Job Posting
View all
2w
Save
Mark Applied
Hide
Security Engineer, Application Security
San Francisco or New York City or London
$130k-$500k/yr OnsiteFull Time
Mercor
Mercor: Connecting expert human intelligence with frontier AI model development.
5+ YOE5+ years in application security or security engineering; strong web security knowledge; proficiency in Python, TypeScript, or Go; experience with SAST/DAST tooling and vulnerability management.
Python, TypeScript, Go, Semgrep, CodeQL, Snyk, Burp
Job Posting
View all
2mo
Save
Mark Applied
Hide
Application Security Engineer
Lisbon or Belgrade or Valencia or Warsaw or Sofia or Panama City or Birkirkara or Ontario or New Jersey
RemoteFull Time
BrainRocket
BrainRocket: Builds custom software products for fintech and igaming companies.
Senior-level application security engineer with cloud security, CI/CD, Kubernetes, AWS, and secure software delivery experience.
CI/CD, GitLab, Jenkins, Terraform, Helm, CloudFormation, Python, Shell, Docker, Istio, Kubernetes, AWS
Job Posting
View all
2w
Save
Mark Applied
Hide
Application Security Engineer
United States
$70k-$101k/yr HybridFull Time
CivicPlus
CivicPlus: Provides cloud-based software solutions for local government operations.
3+ YOE3-7 years in application security with experience in SAST/DAST/IAST and secure SDLC integration.
SAST, DAST, IAST, CI/CD, Secure Coding Practices
Job Posting
View all
6d
Save
Mark Applied
Hide
Lead Engineer, Application Security
Scottsdale, Arizona, United States
HybridFull Time
CNA National
CNA National: Administers vehicle service contracts and protection plans through dealerships.
5+ YOE5+ years application security engineering; 7+ years software development (Java/Angular); 3+ years technical leadership; strong security and coding skills across Java/Spring/Angular ecosystem.
Java, Spring Boot, Spring Security, REST, Microservices, JavaScript, TypeScript, AngularJS, Angular, HTML, CSS, JUnit, Mockito, Git, Maven, SQL, Veracode, Checkmarx, Fortify, SAST, DAST, SCA, GitHub Copilot, AI tooling, AWS, GCP, Jira, Rancher, PL/SQL, Burp Suite
Job PostingView all
1mo
Save
Mark Applied
Hide
application security engineer senior
Seattle, Washington, United States
OnsiteFull Time
Starbucks
StarbucksNASDAQ: SBUX: Operates a global chain of coffeehouses and roasteries.
6+ YOESenior application security engineer with 6+ years IT/security experience; strong testing and API/web/mobile security skills; CISSP/OSCP a plus.
Penetration Testing, DAST, Security Testing, Vulnerability Assessment, Security Incident Response, CI/CD security
Job PostingView all
1mo
Save
Mark Applied
Hide
Application Security Engineer
United States
$110k-$120k/yr RemoteFull Time
Twin Health
Twin Health: Provides AI-powered digital twin technology to reverse chronic metabolic diseases.
1+ YOE1-3+ years in application security, DevSecOps, or cloud security; strong AWS security; experience with SAST/DAST; CSPM familiarity; secure SDLC knowledge.
AWS Security Hub, GuardDuty, Inspector, Macie, Wiz, SAST, DAST, SonarCloud, Veracode, Snyk, Checkmarx, Burp Suite, Docker, Kubernetes, CI/CD
Job PostingView all
1mo
Save
Mark Applied
Hide
Application Security Engineer
United States
RemoteFull Time
Crux Security
Crux Security: Provides cybersecurity services and compliance software for business risk management.
4+ YOE4–6+ years in application security or DevSecOps; secure coding; SAST/DAST/SCA; cloud and API security; robotics context a plus.
SAST, DAST, SCA, Python, Java, Go, C/C++, ROS, ROS 2, Kubernetes, IaC, OAuth 2.0, JWT, TLS 1.3, CI/CD, GitLab CI, Jenkins
Job Posting
View all
3w
Save
Mark Applied
Hide
Application Security Engineer Prin
United States
$111k-$198k/yr RemoteFull Time
Dayforce
Dayforce: Cloud human capital management software for payroll, HR, and benefits.
Hands-on application security with software engineering background; strong API security knowledge; cloud security in Azure/AWS; experience with SAST/DAST and secure SDLC; able to mentor and enable engineering teams.
SAST, DAST, static analysis, dynamic analysis, Burp Suite, sqlmap, CI/CD, cloud security, IAM, containerization, networking
Job PostingView all
3w
Save
Mark Applied
Hide
Senior Application Security Engineer, AI
United States
$126k-$168k/yr RemoteFull Time
ServiceTitan
ServiceTitanNASDAQ: TTAN: Cloud-based business management software for home service contractors.
5+ YOE5+ years in product/application security, strong software engineering background, AI security expertise, secure SDLC experience, automation mindset.
SAST, SCA, Code Scanning, CI/CD, AI Tools
Job Posting
View all
1mo
Save
Mark Applied
Hide
Sr. Application Security Engineer
Redmond, Washington, United States
$168k-$230k/yr OnsiteFull Time
SpaceX
SpaceX: Designs and launches advanced rockets and satellite internet constellations.
5+ YOEBachelor's degree in CS or STEM or 7+ years in security software development; proficiency in Python, C++, Golang, C#; experience securing web/mobile apps.
Python, C++, Golang, C#
Job Posting
View all
3mo
Save
Mark Applied
Hide
Application Security Engineer
McLean, Virginia, United States
OnsiteContract
Steampunk
Steampunk: Design-led federal technology consulting and innovation services firm.
3+ YOEContract Application Security Engineer with vulnerability remediation, secure SDLC, and cross-team collaboration; requires ability to obtain U.S. government security clearance.
Maven, Git, Jenkins, Ansible, Java, C#/.NET, Apache Tomcat, Apache HTTP Server, IIS, F5, Oracle, MS SQL Server, PostgreSQL, AWS, Azure GovCloud, Invicti, WebInspect, DAST/IAST, Python, JIRA, Service Now, DISA STIG, PHP, SQL
Job Posting
View all
1mo
Save
Mark Applied
Hide
Application Security Engineer
United States
RemoteFull Time
New Charter Technologies
New Charter Technologies: Provides managed IT and cybersecurity services for businesses.
7+ YOE7+ years in application security; embedded security partner to engineering; GitHub Advanced Security; threat modeling; Python/Go; OWASP Top 10; SaaS security; Cloudflare & Azure security; container security; strong communication; SOC 2 familiarity
GitHub Advanced Security, GitHub Enterprise, Python, Go, Docker, Cloudflare, Azure, OWASP Top 10, DAST tools (general)
Job Posting
View all
3w
Save
Mark Applied
Hide
Application Security Engineer
Herndon, Virginia, United States
HybridFull Time
EdgeConneX
EdgeConneX: Provides global data center infrastructure and colocation services.
5+ YOE5+ years in application security; BS in Computer Science or related field; knowledge of secure coding; certifications; experience with SAST/DAST/CI/CD; cloud security; strong communication.
Burp Suite, OWASP ZAP, SAST, DAST, SCA, IAST, CI/CD, DevSecOps, AWS, Azure, GCP, Kubernetes
Job PostingView all
1mo
Save
Mark Applied
Hide
Application Security Engineer
Lehi, Utah, United States
HybridFull Time
Weave
WeaveNYSE: WEAV: Communication and payment software for small healthcare practices
2+ YOE2+ years as a security researcher or application security engineer; experience with SAST/DAST, threat modeling, risk analysis; strong communication; AWS/GCP knowledge; able to drive security initiatives.
SAST/DAST, static code analysis, dynamic code scanning, dependency code scanning, AWS, GCP, Linux, Windows
Job PostingView all
1mo
Save
Mark Applied
Hide
Senior Application Security Developer
United States or Canada
$166k-$225k/yr HybridFull Time
Clio
Clio: Cloud-based legal practice management software and AI solutions.
5+ YOE5+ years in Ruby, Python, JavaScript; secure software development; CI/CD; cloud security; threat modelling; architecture review; security tooling experience.
Ruby, Python, JavaScript, CI/CD, Static Analysis, Vulnerability Scanning
Job PostingView all
2mo
Save
Mark Applied
Hide
Application Security Engineer
Boston or San Francisco
$130k-$170k/yr HybridFull Time
Starburst
Starburst: Provides a software platform for distributed data analytics.
3+ YOEBS in CS/Engineering or equivalent; 2–5 years in application security; knowledge of OWASP Top 10; CI/CD, cloud security; programming in Python/Go/Java/JS/Ruby; experience with security tools and secure coding.
CI/CD, SAST, DAST, SCA, secrets scanning, OWASP ZAP, Burp Suite, dependency scanning, cloud platforms, programming languages
Job PostingView all
1mo
Save
Mark Applied
Hide
Application Security Engineer
United States
RemoteFull Time
H.W. Kaufman Group
H.W. Kaufman Group: Global specialty insurance organization providing brokerage and underwriting services.
5+ YOE5+ years in application security; secure coding; OWASP Top 10; experience with SAST/DAST, endpoint security tools; CI/CD security integration; regulatory compliance (NYDFS, GDPR, SOC 2); scripting (Python/PowerShell/Bash); AI security governance.
Burp Suite, Fortify, Veracode, Docker, Kubernetes, SAST, DAST, Software Composition Analysis (SCA), BlackDuck/Polaris, Apex code (Salesforce)
Job PostingView all
3w
Save
Mark Applied
Hide
Application Security Engineer
Coral Gables or Florida or Texas or South Carolina or Pennsylvania or Massachusetts or Illinois or Georgia or North Carolina or Florida
$110k-$130k/yr HybridFull Time
Ryder
RyderNYSE: R: Provides commercial vehicle leasing, logistics, and supply chain solutions.
5+ YOE5+ years OWASP, SAST, DAST, SCA, RASP; 7+ years in application security or related field; strong web security knowledge; secure SDLC; Bachelor's in CS; CISSP/OSCP/CASE preferred.
SAST, DAST, OWASP, SCA, RASP, WAF, CI/CD, Azure DevOps, Terraform, Python, JavaScript, .NET
Job PostingView all
3d
Save
Mark Applied
Hide
Application Security Engineer
United States
$100k-$156k/yr RemoteFull Time
Meijer
Meijer: Midwestern retail chain operating supercenters with groceries and merchandise
2+ YOESecure application design, threat modeling, and secure coding; SDLC security expertise; 2-3 years exp including 1 year coding; OWASP Top 10 familiarity; agile/SAFe preferred.
C#, Java, C++, OWASP
Job Posting
View all
1mo
Save
Mark Applied
Hide
Application Security Engineer
Edina, Minnesota, United States
$126k-$180k/yr HybridFull Time
Western National Insurance Group
Western National Insurance Group: Provides property and casualty insurance to individuals and businesses.
3+ YOE3+ years in application security; 10+ years IT; build app security program; proficient in Java or Python; experience with SAST/DAST/CI/CD; strong communication.
SAST, DAST, SCA, OWASP ZAP, Burp Suite, CI/CD, GitHub
Job PostingView all
2mo
Save
Mark Applied
Hide
Application Security Engineer
San Francisco or New York
$165k-$200k/yr HybridFull Time
Notion
Notion: All-in-one digital workspace for documents, tasks, and collaboration.
3+ YOE3+ years of security architecture experience; ability to lead cross-functional security projects; strong problem-solving and communication skills; startup mindset; interest in AI tools for security.
Static analysis, Dynamic analysis, Security tooling
Job PostingView all
1mo
Save
Mark Applied
Hide
Application Security Engineer
Edina, Minnesota, United States
$126k-$180k/yr HybridFull Time
Western National Insurance Group
Western National Insurance Group: Provides property and casualty insurance for individuals and businesses.
3+ YOE3+ years in application security; 10+ years IT; build app security program; proficient in Java/Python/C#; experience with SAST/DAST/CI/CD; mentor; strong communication; BS in information security or related field.
OWASP ZAP, Burp Suite, SAST, SCA, DAST, CI/CD, GitHub
Job PostingView all
1w
Save
Mark Applied
Hide
Application Security Engineer
Charlotte, North Carolina, United States
OnsiteFull Time
Total Quality Logistics
Total Quality Logistics: Third-party logistics provider connecting business shippers with freight carriers.
3+ YOE3+ years in application security or software engineering; strong web architecture and OWASP Top 10 knowledge; security testing tools experience; cloud familiarity; strong risk communication; DevSecOps and container/Kubernetes security a plus.
Snyk, Veracode, Checkmarx, Burp Suite, OWASP ZAP, OAuth, OIDC, JWT, SAML
Job Posting
View all
1mo
Save
Mark Applied
Hide
Application Security Engineer (AppSec)
San Juan, Puerto Rico, United States
HybridFull Time
Zenus
Zenus: Digital bank providing US bank accounts to global customers.
3+ YOE3+ years in application security, secure software development, or ethical hacking; knowledge of secure coding principles and OWASP Top 10; experience with SAST/DAST/SCA and manual testing; REST APIs security; strong documentation.
SAST, DAST, SCA, REST API, OWASP Top 10, CI/CD security
Job PostingView all
4d
Save
Mark Applied
Hide
Application Security Engineer
Plano or Atlanta or Boston or Morristown or St. Louis or St. Petersburg or Hyderabad
$105k-$133k/yr HybridFull Time
Zelis
Zelis: Providing healthcare payment and claims cost management solutions.
8+ YOEExperience in application security engineering; strong background in security for software; collaboration with AI tools; ERP/system design; leadership and project management; data modeling; stakeholder management; familiarity with compliance.
AI tools, ERP systems, Workflow automation, Data analytics
Job PostingView all
4d
Save
Mark Applied
Hide
Security Engineer, Application Security
United States
$100k-$200k/yr RemoteFull Time
Trail of Bits
Trail of Bits: Provides high-end security research and software auditing services.
Application security assessments, manual code review, static/dynamic analysis, security tooling, programming across multiple languages.
Rust, Golang, Kotlin, Swift, JavaScript, TypeScript, Python, Ruby, C, C++
Job Posting
View all
1mo
Save
Mark Applied
Hide
Application Security Engineer
United States
$131k-$235k/yr RemoteFull Time
Arcadia
Arcadia: Provides a software platform for utility data and renewable energy.
3+ YOE3–5 years of dedicated Application Security experience in SaaS/cloud-native environments; hands-on with SAST/DAST/SCA/CSPM tooling; strong CI/CD knowledge; experience with container and API security; ability to communicate risk to non-security engineers.
SAST, DAST, SCA, CSPM, Snyk, Checkmarx, Semgrep, Wiz, GitHub Actions, Jenkins, GitLab CI, Docker, Kubernetes, REST, GraphQL
Job PostingView all
2mo
Save
Mark Applied
Hide
Application Security Engineer
United States
$120k-$140k/yr RemoteFull Time
Lumin Digital
Lumin Digital: Provides cloud-native digital banking platforms for financial institutions.
4+ YOE4 years in application security/engineering; 3 years identifying vulnerabilities; experience with AWS, Git, and vulnerability platforms; Bachelor's degree or equivalent.
Veracode, Qualys, Rapid7, Burp, AWS, Git
Job PostingView all
1mo
Save
Mark Applied
Hide
Application Security Engineer
San Francisco, California, United States
$232k-$318k/yr OnsiteFull Time
Retool
Retool: Software platform for building custom internal business applications.
5+ YOE5+ years hands-on application security; independent, fast-moving; strong tooling and engineering focus; proficient with TypeScript and Python; good communication.
TypeScript, Python, Static analysis, Linters, Security testing tooling
Job PostingView all
2mo
Save
Mark Applied
Hide
Sr. Application Security Engineer
San Francisco or Salt Lake City or St. Louis or Boston or Prague or Berlin or Munich or Warsaw or Bratislava or Toronto
$150k-$190k/yr RemoteFull Time
vCluster Labs
vCluster Labs: Creates virtual environments for managing shared cloud computing clusters.
5+ YOE5+ years in application security with container security, Kubernetes RBAC, and Go proficiency.
Go, Kubernetes, CI/CD, Python
Job PostingView all
2w
Save
Mark Applied
Hide
Application Security Engineer
Reno or United States
$80k-$110k/yr RemoteFull Time
Clear Capital
Clear Capital: AI-driven real estate valuation and property data solutions.
3+ YOE3-5 years in application security testing; degree in CS/IT/Software Eng or equivalent; certifications: C|ASE, CSSLP, GWAPT; experience with OWASP Top Ten; SDLC; secure coding practices; strong communication.
DAST, SAST, OSS security, SCA, Infrastructure as Code
Job PostingView all
1w
Save
Mark Applied
Hide
Senior Application Security Engineer
Mexico City or Mexico City or Miami
RemoteFull Time
Félix Pago
Félix Pago: Remittance platform for money transfers via WhatsApp messaging.
Proven experience in application security engineering; CI/CD security, SAST/DAST/SCA, IaC scanning; Python; cloud-native environments; vulnerability management; DefectDojo; Terraform; Checkov; SOC 2/PCI familiarity.
GitHub Actions, SAST, DAST, SCA, IaC scanning, Secret scanning, DefectDojo, Terraform, Checkov, GCP, Kubernetes, Docker, Python
Job PostingView all
3w
Save
Mark Applied
Hide
Application Security Engineer Prin
United States
$111k-$198k/yr RemoteFull Time
Dayforce
Dayforce: Provides cloud-based human capital management software and services.
Hands-on application security with software engineering background; strong API security, cloud security (Azure/AWS), secure SDLC, and SAST/DAST tooling.
C#, Java, Python, OAuth2, OIDC, SAST, DAST, Burp Suite, sqlmap, CI/CD, Azure, AWS, IAM, containerization
Job PostingView all
2w
Save
Mark Applied
Hide
Application Security Engineer
Tampa, Florida, United States
$95k-$145k/yr RemoteFull Time
Suncoast Credit Union
Suncoast Credit Union: Provides consumer banking and financial services to member owners.
3+ YOEBachelor’s degree in computer science or related field; 3+ years secure development; strong secure coding and architecture knowledge; experience in .NET, C++, and C#; cybersecurity certifications preferred.
SAST, DAST, Penetration Testing, Secure Coding, Code Review, Vulnerability Scanning
Job PostingView all
1mo
Save
Mark Applied
Hide
Senior Application Security Engineer
United States
$165k-$185k/yr RemoteFull Time
Limble
Limble: Develops software to manage and automate maintenance operations and assets.
5+ YOE5–8+ years in application security; strong web/API security; cloud SaaS security; OWASP Top 10 and secure SDLC; ability to influence engineering.
AWS, GitHub, Wiz, SAST, SCA, SBOM, DAST, Jira, Cursor, Claude
Job PostingView all
2mo
Save
Mark Applied
Hide
Application Security Engineer
United States
$135k-$225k/yr RemoteFull Time
Rubrik
RubrikNYSE: RBRK: Provides enterprise cloud data management and cyber resilience solutions.
5+ YOE5+ years in Application Security; BS/MS in CS/IT; knowledge of FedRAMP, SOC2, ISO 27001; web, cloud attack vectors; programming in Python, Go, Scala, C/C++, Javascript/Typescript; CI/CD, Kubernetes, Docker; AWS/GCP/Azure; security maturity models
CI/CD, Kubernetes, Docker, Microservices, AWS, Azure, GCP, Python, Go, Scala, C/C++, JavaScript, TypeScript
Job PostingView all

HiringCafe market data

Application Security Developer Jobs market signals in United States

These signals come from live HiringCafe job inventory, not a static article. Use them to compare the market, then open listings above to apply directly.

Open jobs
620+
Hiring companies
420+
Fresh sample
39% new in 30d
Salary visibility
63% show pay

Companies appearing in this market

SteampunkBrainRocketSciTecTotal Quality LogisticsCivicPlusCrux SecurityDayforceMeijer

Work location mix in visible results

Remote: 28Onsite: 15Hybrid: 14

Related browse hubs

Jobs in United StatesGovernment JobsEngineering JobsCustomer Service JobsGraphic Designer JobsEntry Level JobsFull Time JobsHigh Paying Jobs