Senior Application Security Engineer

An established internet-facing tech company is seeking an experienced Senior Application Security Engineer to lead their application security program in San Francisco.

The successful incumbent will come from software engineering with 5-7 years of experience in application security, OWASP top 10, and Python, ideally in a medium-to-large internet company. She or he should have a proven track record successfully working with engineering teams regarding product security.

Must Haves:

  • 5+ yrs in Application Security
  • 3+ yrs as a Developer
  • Strong knowledge of UNIX operating systems, command line usage, and system administration
  • Proven ability to guide engineering teams through infosec design
  • Advanced programming abilities in Python or similar programming language
  • Advanced knowledge of the AWS environment and underlying security model
  • Mastery of security principles including confidentiality and integrity of data, authentication and authorization protocols, and other cryptographic protocols
  • Deep understanding of network attacks, DDoS, Phishing, email protocols/security/spam, encryption, authentication, logging and log analysis, IP and device reputation, and security rules and policies
  • Bachelor or Masters Degree in Computer Science or comparable field


  • Django open-source framework
  • Microservice architectures
  • Compliance (SOC2, PCI-DSS, ISO 27001, etc)

This position is a full-time, permanent position with competitive pay and “startup” perks. Local candidates strongly preferred.


This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.