United StatesRemote · Hybrid · Onsite · All Environments

📣 HiringCafe is hiring a Founding Growth Hacker! Learn More · Apply here

National browse hub

Security Engineer Application Security Jobs in United States

590+ security engineer application security jobs from 400+ companies hiring in United States.

Explore by state:California·Texas·New York·Florida·Illinois·Pennsylvania·Ohio·North Carolina·Michigan·Georgia·New Jersey·Virginia·Massachusetts·Washington·Indiana·Tennessee·Arizona·Missouri·Maryland·Wisconsin·Minnesota·Colorado·Alabama·Louisiana·South Carolina·Kentucky·Oregon·Oklahoma·Connecticut·Iowa·Mississippi·Arkansas·Kansas·Utah·Nevada·New Mexico·West Virginia·Nebraska·Idaho·Maine·New Hampshire·Hawaii·Rhode Island·Montana·Delaware·South Dakota·Alaska·North Dakota·Vermont·District of Columbia·Wyoming

Join our community Talent Network

599 jobs- United States

Save

Mark Applied

Hide

Security Engineer, Application Security

San Francisco or New York City or London

$130k-$500k/yr OnsiteFull Time

Mercor: Connecting expert human intelligence with frontier AI model development.

5+ YOE5+ years in application security or security engineering; strong web security knowledge; proficiency in Python, TypeScript, or Go; experience with SAST/DAST tooling and vulnerability management.

Python, TypeScript, Go, Semgrep, CodeQL, Snyk, Burp

Job Posting

View all

Save

Mark Applied

Hide

Application Security Engineer Prin

United States

$111k-$198k/yr RemoteFull Time

Dayforce: Cloud human capital management software for payroll, HR, and benefits.

Hands-on application security with software engineering background; strong API security knowledge; cloud security in Azure/AWS; experience with SAST/DAST and secure SDLC; able to mentor and enable engineering teams.

SAST, DAST, static analysis, dynamic analysis, Burp Suite, sqlmap, CI/CD, cloud security, IAM, containerization, networking

Job Posting View all

1mo

Save

Mark Applied

Hide

1mo

application security engineer senior

Seattle, Washington, United States

OnsiteFull Time

StarbucksNASDAQ: SBUX: Operates a global chain of coffeehouses and roasteries.

6+ YOESenior application security engineer with 6+ years IT/security experience; strong testing and API/web/mobile security skills; CISSP/OSCP a plus.

Penetration Testing, DAST, Security Testing, Vulnerability Assessment, Security Incident Response, CI/CD security

Job Posting View all

Save

Mark Applied

Hide

Senior Application Security Engineer

United States

$180k-$190k/yr RemoteFull Time

Branch: Provides digital banking and on-demand payment solutions for workers.

5+ YOE5–7 years in security engineering or application security; strong communication; hands-on SAST/DAST; cloud security; API security; security frameworks familiar; scripting in Python/Bash; security certifications a plus.

Semgrep, Snyk, Checkmarx, Burp Suite Pro, Python, Bash, Tines, XSOAR, Torq, OWASP LLM Top 10, MITRE ATLAS

Job Posting View all

2mo

Save

Mark Applied

Hide

2mo

Application Security Engineer

Lisbon or Belgrade or Valencia or Warsaw or Sofia or Panama City or Birkirkara or Ontario or New Jersey

RemoteFull Time

BrainRocket: Builds custom software products for fintech and igaming companies.

Senior-level application security engineer with cloud security, CI/CD, Kubernetes, AWS, and secure software delivery experience.

CI/CD, GitLab, Jenkins, Terraform, Helm, CloudFormation, Python, Shell, Docker, Istio, Kubernetes, AWS

Job Posting

View all

2mo

Save

Mark Applied

Hide

2mo

Senior Application Security Engineer

Austin or Dallas or Morristown or San Francisco Bay Area

$160k-$235k/yr HybridFull Time

HippoNYSE: HIPO: Provides homeowners insurance integrated with smart home monitoring technology.

6+ YOE6+ years in application security; proven track record across multiple teams; strong web, API, and cloud security experience; proficient in authentication/identity protocols; ability to influence design decisions.

SAST, DAST, SCA, Secrets detection, CI/CD, Cloud security, WAFs, OAuth2, OIDC, SAML, JWT, MFA

Job Posting View all

Save

Mark Applied

Hide

Application Security Engineer

Lindon, Utah, United States

OnsiteFull Time

Awardco: Software platform for employee recognition and corporate rewards programs.

6+ YOE6+ years in application security or security-focused software engineering; cloud SaaS security; OWASP Top 10; modern languages; security tooling; CI/CD integration.

SAST, DAST, Dependency scanning, Container scanning, GitHub Advanced Security, Snyk, Wiz, CI/CD pipelines

Job Posting View all

2mo

Save

Mark Applied

Hide

2mo

Application Security Engineer

McLean, Virginia, United States

OnsiteContract

Steampunk: Design-led federal technology consulting and innovation services firm.

3+ YOEContract Application Security Engineer with vulnerability remediation, secure SDLC, and cross-team collaboration; requires ability to obtain U.S. government security clearance.

Maven, Git, Jenkins, Ansible, Java, C#/.NET, Apache Tomcat, Apache HTTP Server, IIS, F5, Oracle, MS SQL Server, PostgreSQL, AWS, Azure GovCloud, Invicti, WebInspect, DAST/IAST, Python, JIRA, Service Now, DISA STIG, PHP, SQL

Job Posting

View all

2mo

Save

Mark Applied

Hide

2mo

Application Security Engineer

San Francisco or New York

$165k-$200k/yr HybridFull Time

Notion: All-in-one digital workspace for documents, tasks, and collaboration.

3+ YOE3+ years of security architecture experience; ability to lead cross-functional security projects; strong problem-solving and communication skills; startup mindset; interest in AI tools for security.

Static analysis, Dynamic analysis, Security tooling

Job Posting View all

1mo

Save

Mark Applied

Hide

1mo

Application Security Engineer

United States

RemoteFull Time

New Charter Technologies: Provides managed IT and cybersecurity services for businesses.

7+ YOE7+ years in application security; embedded security partner to engineering; GitHub Advanced Security; threat modeling; Python/Go; OWASP Top 10; SaaS security; Cloudflare & Azure security; container security; strong communication; SOC 2 familiarity

GitHub Advanced Security, GitHub Enterprise, Python, Go, Docker, Cloudflare, Azure, OWASP Top 10, DAST tools (general)

Job Posting

View all

1mo

Save

Mark Applied

Hide

1mo

Application Security Engineer

Lehi, Utah, United States

HybridFull Time

WeaveNYSE: WEAV: Communication and payment software for small healthcare practices

2+ YOE2+ years as a security researcher or application security engineer; experience with SAST/DAST, threat modeling, risk analysis; strong communication; AWS/GCP knowledge; able to drive security initiatives.

SAST/DAST, static code analysis, dynamic code scanning, dependency code scanning, AWS, GCP, Linux, Windows

Job Posting View all

2mo

Save

Mark Applied

Hide

2mo

Application Security Engineer

Boston or San Francisco

$130k-$170k/yr HybridFull Time

Starburst: Provides a software platform for distributed data analytics.

3+ YOEBS in CS/Engineering or equivalent; 2–5 years in application security; knowledge of OWASP Top 10; CI/CD, cloud security; programming in Python/Go/Java/JS/Ruby; experience with security tools and secure coding.

CI/CD, SAST, DAST, SCA, secrets scanning, OWASP ZAP, Burp Suite, dependency scanning, cloud platforms, programming languages

Job Posting View all

Save

Mark Applied

Hide

Security Engineer (Application Security)

New York or Raleigh

RemoteFull Time

Contentful: SaaS platform for headless content management and delivery.

4+ YOE4+ years in security engineering/DevSecOps with AWS, Python; Kubernetes and Terraform experience; security tooling, vulnerability management, incident response; strong communication.

AWS, Python, Kubernetes, Terraform, JavaScript, Go, OAuth, SAML, JWT, IAM, Security tooling, Vulnerability management, Incident response

Job Posting

View all

1mo

Save

Mark Applied

Hide

1mo

Application Security Engineer

United States

$110k-$120k/yr RemoteFull Time

Twin Health: Provides AI-powered digital twin technology to reverse chronic metabolic diseases.

1+ YOE1-3+ years in application security, DevSecOps, or cloud security; strong AWS security; experience with SAST/DAST; CSPM familiarity; secure SDLC knowledge.

AWS Security Hub, GuardDuty, Inspector, Macie, Wiz, SAST, DAST, SonarCloud, Veracode, Snyk, Checkmarx, Burp Suite, Docker, Kubernetes, CI/CD

Job Posting View all

Save

Mark Applied

Hide

Product and Application Security Engineer

United States

$150k-$180k/yr RemoteFull Time

SungrowShenzhen Stock Exchange: 300274: Manufactures solar inverters and energy storage systems for clean power.

6+ YOE6–10+ years in product security, embedded security, application security, or IoT security; hands-on across stack; SDLC security; vulnerability management; AI/automation experience.

SAST, DAST, SCA, firmware analysis, static analysis, dynamic analysis, penetration testing, network testing, cloud security, SBOM/HBOM

Job Posting View all

Save

Mark Applied

Hide

Application Security Engineer

United States

$70k-$101k/yr HybridFull Time

CivicPlus: Provides cloud-based software solutions for local government operations.

3+ YOE3-7 years in application security with experience in SAST/DAST/IAST and secure SDLC integration.

SAST, DAST, IAST, CI/CD, Secure Coding Practices

Job Posting

View all

Save

Mark Applied

Hide

Application Security Engineer

Charlotte, North Carolina, United States

OnsiteFull Time

Total Quality Logistics: Third-party logistics provider connecting business shippers with freight carriers.

3+ YOE3+ years in application security or software engineering; strong web architecture and OWASP Top 10 knowledge; security testing tools experience; cloud familiarity; strong risk communication; DevSecOps and container/Kubernetes security a plus.

Snyk, Veracode, Checkmarx, Burp Suite, OWASP ZAP, OAuth, OIDC, JWT, SAML

Job Posting

View all

3mo

Save

Mark Applied

Hide

3mo

Application Security Engineer

Boston, Massachusetts, United States

$100k-$160k/yr HybridFull Time

HarbourVest: Manages global private equity, debt, and real asset investments.

3+ YOE3-5 years in application security; secure software development; OWASP Top 10; fintech/compliance context; security certifications a plus.

SAST, DAST, SCA, CI/CD, DevSecOps, Cloud Platforms, Containers, Infrastructure as Code, Cursor, GitHub Copilot, ChatGPT Codex

Job Posting View all

1mo

Save

Mark Applied

Hide

1mo

Application Security Engineer

United States

RemoteFull Time

Crux Security: Provides cybersecurity services and compliance software for business risk management.

4+ YOE4–6+ years in application security or DevSecOps; secure coding; SAST/DAST/SCA; cloud and API security; robotics context a plus.

SAST, DAST, SCA, Python, Java, Go, C/C++, ROS, ROS 2, Kubernetes, IaC, OAuth 2.0, JWT, TLS 1.3, CI/CD, GitLab CI, Jenkins

Job Posting View all

Save

Mark Applied

Hide

Application Security Engineer

Plano or Atlanta or Boston or Morristown or St. Louis or St. Petersburg or Hyderabad

$105k-$133k/yr HybridFull Time

Zelis: Providing healthcare payment and claims cost management solutions.

8+ YOEExperience in application security engineering; strong background in security for software; collaboration with AI tools; ERP/system design; leadership and project management; data modeling; stakeholder management; familiarity with compliance.

AI tools, ERP systems, Workflow automation, Data analytics

Job Posting View all

Save

Mark Applied

Hide

Senior Application Security Engineer

New York, New York, United States

$187k-$240k/yr HybridFull Time

DatadogNASDAQ: DDOG: Observability and security platform for cloud applications and infrastructure.

Experience building distributed systems; design security controls; Go or Python; implement scalable security systems; collaborate with engineering teams.

Go, Python, APIs, MTLS, Identity and access management, Policy engines

Job Posting

View all

1mo

Save

Mark Applied

Hide

1mo

Application Security Engineer

United States

$131k-$235k/yr RemoteFull Time

Arcadia: Provides a software platform for utility data and renewable energy.

3+ YOE3–5 years of dedicated Application Security experience in SaaS/cloud-native environments; hands-on with SAST/DAST/SCA/CSPM tooling; strong CI/CD knowledge; experience with container and API security; ability to communicate risk to non-security engineers.

SAST, DAST, SCA, CSPM, Snyk, Checkmarx, Semgrep, Wiz, GitHub Actions, Jenkins, GitLab CI, Docker, Kubernetes, REST, GraphQL

Job Posting View all

Save

Mark Applied

Hide

Application Security Engineer Prin

United States

$111k-$198k/yr RemoteFull Time

Dayforce: Provides cloud-based human capital management software and services.

Hands-on application security with software engineering background; strong API security, cloud security (Azure/AWS), secure SDLC, and SAST/DAST tooling.

C#, Java, Python, OAuth2, OIDC, SAST, DAST, Burp Suite, sqlmap, CI/CD, Azure, AWS, IAM, containerization

Job Posting View all

2mo

Save

Mark Applied

Hide

2mo

Application Security Engineer

New York, New York, United States

$110k-$140k/yr HybridFull Time

Versana: Real-time data platform for the syndicated loan market.

3+ YOE3+ years in software development and/or application security; secure coding in Python/Java/JavaScript/TypeScript/Go/C#; knowledge of OWASP and cloud basics; experience with security tooling.

Python, Java, JavaScript, TypeScript, Go, C#, OWASP, SAST, SCA, DAST, SBOM, CNAPP, WAF, Terraform, cloud services, container security, secret management

Job Posting View all

Save

Mark Applied

Hide

Application Security Engineer

Herndon, Virginia, United States

HybridFull Time

EdgeConneX: Provides global data center infrastructure and colocation services.

5+ YOE5+ years in application security; BS in Computer Science or related field; knowledge of secure coding; certifications; experience with SAST/DAST/CI/CD; cloud security; strong communication.

Burp Suite, OWASP ZAP, SAST, DAST, SCA, IAST, CI/CD, DevSecOps, AWS, Azure, GCP, Kubernetes

Job Posting View all

1mo

Save

Mark Applied

Hide

1mo

Application Security Engineer

United States

RemoteFull Time

H.W. Kaufman Group: Global specialty insurance organization providing brokerage and underwriting services.

5+ YOE5+ years in application security; secure coding; OWASP Top 10; experience with SAST/DAST, endpoint security tools; CI/CD security integration; regulatory compliance (NYDFS, GDPR, SOC 2); scripting (Python/PowerShell/Bash); AI security governance.

Burp Suite, Fortify, Veracode, Docker, Kubernetes, SAST, DAST, Software Composition Analysis (SCA), BlackDuck/Polaris, Apex code (Salesforce)

Job Posting View all

1mo

Save

Mark Applied

Hide

1mo

Application Security Engineer

North America or Europe

$195k-$210k/yr RemoteFull Time

Strike: Financial platform for cryptocurrency trading and global payments.

Engineering background with GCP, Kubernetes, code reviews; SIEM, Terraform; security mindset; bridge security and engineering.

Google Cloud Platform, Kubernetes, Terraform, WAF, SIEM, Cloudflare

Job Posting View all

1mo

Save

Mark Applied

Hide

1mo

Senior Application Security Engineer

United States

$165k-$185k/yr RemoteFull Time

Limble: Develops software to manage and automate maintenance operations and assets.

5+ YOE5–8+ years in application security; strong web/API security; cloud SaaS security; OWASP Top 10 and secure SDLC; ability to influence engineering.

AWS, GitHub, Wiz, SAST, SCA, SBOM, DAST, Jira, Cursor, Claude

Job Posting View all

2mo

Save

Mark Applied

Hide

2mo

Application Security Engineer

United States

$120k-$140k/yr RemoteFull Time

Lumin Digital: Provides cloud-native digital banking platforms for financial institutions.

4+ YOE4 years in application security/engineering; 3 years identifying vulnerabilities; experience with AWS, Git, and vulnerability platforms; Bachelor's degree or equivalent.

Veracode, Qualys, Rapid7, Burp, AWS, Git

Job Posting View all

1mo

Save

Mark Applied

Hide

1mo

Application Security Engineer

San Francisco, California, United States

$232k-$318k/yr OnsiteFull Time

Retool: Software platform for building custom internal business applications.

5+ YOE5+ years hands-on application security; independent, fast-moving; strong tooling and engineering focus; proficient with TypeScript and Python; good communication.

TypeScript, Python, Static analysis, Linters, Security testing tooling

Job Posting View all

Save

Mark Applied

Hide

Application Security Engineer

Coral Gables or Florida or Texas or South Carolina or Pennsylvania or Massachusetts or Illinois or Georgia or North Carolina or Florida

$110k-$130k/yr HybridFull Time

RyderNYSE: R: Provides commercial vehicle leasing, logistics, and supply chain solutions.

5+ YOE5+ years OWASP, SAST, DAST, SCA, RASP; 7+ years in application security or related field; strong web security knowledge; secure SDLC; Bachelor's in CS; CISSP/OSCP/CASE preferred.

SAST, DAST, OWASP, SCA, RASP, WAF, CI/CD, Azure DevOps, Terraform, Python, JavaScript, .NET

Job Posting View all

Save

Mark Applied

Hide

Application Security Engineer

United States

$100k-$156k/yr RemoteFull Time

Meijer: Midwestern retail chain operating supercenters with groceries and merchandise

2+ YOESecure application design, threat modeling, and secure coding; SDLC security expertise; 2-3 years exp including 1 year coding; OWASP Top 10 familiarity; agile/SAFe preferred.

C#, Java, C++, OWASP

Job Posting

View all

1mo

Save

Mark Applied

Hide

1mo

Application Security Engineer

Edina, Minnesota, United States

$126k-$180k/yr HybridFull Time

Western National Insurance Group: Provides property and casualty insurance for individuals and businesses.

3+ YOE3+ years in application security; 10+ years IT; build app security program; proficient in Java/Python/C#; experience with SAST/DAST/CI/CD; mentor; strong communication; BS in information security or related field.

OWASP ZAP, Burp Suite, SAST, SCA, DAST, CI/CD, GitHub

Job Posting View all

1mo

Save

Mark Applied

Hide

1mo

Application Security Engineer

Edina, Minnesota, United States

$126k-$180k/yr HybridFull Time

Western National Insurance Group: Provides property and casualty insurance to individuals and businesses.

3+ YOE3+ years in application security; 10+ years IT; build app security program; proficient in Java or Python; experience with SAST/DAST/CI/CD; strong communication.

SAST, DAST, SCA, OWASP ZAP, Burp Suite, CI/CD, GitHub

Job Posting View all

2mo

Save

Mark Applied

Hide

2mo

Sr. Application Security Engineer

San Francisco or Salt Lake City or St. Louis or Boston or Prague or Berlin or Munich or Warsaw or Bratislava or Toronto

$150k-$190k/yr RemoteFull Time

vCluster Labs: Creates virtual environments for managing shared cloud computing clusters.

5+ YOE5+ years in application security with container security, Kubernetes RBAC, and Go proficiency.

Go, Kubernetes, CI/CD, Python

Job Posting View all

Save

Mark Applied

Hide

Application Security Engineer

Reno or United States

$80k-$110k/yr RemoteFull Time

Clear Capital: AI-driven real estate valuation and property data solutions.

3+ YOE3-5 years in application security testing; degree in CS/IT/Software Eng or equivalent; certifications: C|ASE, CSSLP, GWAPT; experience with OWASP Top Ten; SDLC; secure coding practices; strong communication.

DAST, SAST, OSS security, SCA, Infrastructure as Code

Job Posting View all

Save

Mark Applied

Hide

Security Engineer, Application Security

United States

$100k-$200k/yr RemoteFull Time

Trail of Bits: Provides high-end security research and software auditing services.

Application security assessments, manual code review, static/dynamic analysis, security tooling, programming across multiple languages.

Rust, Golang, Kotlin, Swift, JavaScript, TypeScript, Python, Ruby, C, C++

Job Posting

View all

Save

Mark Applied

Hide

Staff, Application Security Engineer - Product Security

Bentonville or Herndon

$110k-$264k/yr OnsiteFull Time

WalmartNasdaq: WMT: Operates a global chain of retail and warehouse stores.

4+ YOEBachelor's degree in CS/IT/Engineering or related field; 4+ years in application security or 6 years without degree.

SAST, SCA, Threat Modeling, OWASP, Code Review

Job Posting

View all

2mo

Save

Mark Applied

Hide

2mo

Application Security Engineer

Boulder, Colorado, United States

$96k-$146k/yr OnsiteFull Time

SciTec: Provides advanced remote sensing and missile defense technology solutions.

2+ YOEBachelor’s degree plus 2+ years in cybersecurity or software development; 2+ years in application security; ability to obtain DoD/DoE Secret clearance.

Static analysis tools, SAST, SCA, Fuzzing tools, Coverity, Klocwork, SonarQube, Snyk, Sonatype, Anchore, JFrog Xray, AFL, honggfuzz, strace, eBPF, Ghidra, IDA Pro

Job Posting

View all

2mo

Save

Mark Applied

Hide

2mo

Application Security Engineer (Cloud)

Plano, Texas, United States

HybridFull Time

Toyota Connected: Provides cloud-based mobility services and data analytics for vehicles.

3+ YOE3+ years in Application Security/DevSecOps; threat modeling; AWS; IaC tools; CI/CD; API security; Linux; scripting; Secure SDLC/OWASP.

AWS, Terraform, OpenTofu, CloudFormation, Crossplane, CI/CD, SAST, DAST, Python, Bash, PowerShell

Job Posting View all

HiringCafe market data

Security Engineer Application Security Jobs market signals in United States

These signals come from live HiringCafe job inventory, not a static article. Use them to compare the market, then open listings above to apply directly.

Open jobs

590+

Hiring companies

400+

Fresh sample

41% new in 30d

Salary visibility

64% show pay

Companies appearing in this market

ContentfulSteampunkTotal Quality LogisticsBrainRocketSciTecTrail of BitsCivicPlusDatadog

Work location mix in visible results

Remote: 27Onsite: 18Hybrid: 16

Related browse hubs

Jobs in United States Government Jobs Engineering Jobs Customer Service Jobs Graphic Designer Jobs Entry Level Jobs Full Time Jobs High Paying Jobs