Application Security Engineer

Equinix is the world’s digital infrastructure company®, shortening the path to connectivity to enable the innovations that enrich our work, life and planet.

A place where bold ideas are welcomed, human connection is valued, and everyone has the opportunity to shape their future.

Help us challenge assumptions, uncover bias, and remove barriers—because progress starts with fresh ideas. You’ll find belonging, purpose, and a team that welcomes you—because when you feel valued, you’re empowered to do your best work.

The Application Security Engineer will be responsible for strengthening and continuously improving the security posture of the applications. This role involves integrating security best practices into the application development lifecycle, automating security controls, and implementing infrastructure and configuration as code. In addition to a focus on Information Security, this role will work collaboratively closely with application teams to assess vulnerabilities and guide secure remediation strategies.

• Familiar with information security concepts, standards, and trends
• Able to implement and maintain infrastructure and configuration as code
• Driven to learn new things; excited about challenges and finding solutions
• A strong builder mentality with a drive to “see things through”
• Able to interpret and apply security principles and standards to designs, configurations, and policies
• Able to communicate technical concepts and details to peers and management clearly and concisely
• Able to demonstrate good judgment concerning the confidentiality, availability, and integrity of information

• Embed Security controls and tools into CI/CD pipelines (SAST, SCA, DAST, Secrets Scanning)
• Implement shift-left security practices to ensure vulnerabilities are detected and remediated early in the SDLC lifecycle
• Work with application teams on secure design principles, threat modeling, architecture reviews, and guide them with remediation strategies
• Design, build, document, and maintain efficient, reusable, and reliable code for Security Orchestration, Automation, and Response (SOAR) policy as code, and Security Operations and Analytics platforms
• Model the Equinix culture and values

• Hands‑on experience with CI/CD tools (ideally GitHub Actions)
• Strong working knowledge of how to implement secure systems using public cloud services (any major cloud provider)
• Functional understanding of SAST, SCA, and DAST concepts
• Experience building automations and services in Terraform, Ansible, Python, etc.
• Assess application security risks and recommend solutions aligned with industry standards (OWASP, NIST, CIS Benchmarks)
• Knowledge of authentication and authorization technologies and methods (SAML, HMAC, OAuth, etc.)
• Partner with application teams to remediate vulnerabilities and adopt secure coding practices
• Demonstrated ability to work within globally dispersed and cross‑functional teams

• 4+ years’ work experience in Security Engineering or DevSecOps in a medium or large corporate environment; or a college degree in computer science, data communications, electrical or computer engineering and 3 years’ work experience
• Demonstrated hands‑on experience with the following technologies (at least a couple)
  • SCA (any of Apiiro, Nexus IQ, Snyk, etc.)
  • SonarQube
  • API security, DAST (Traceable)
  • OPSWAT MetaDefender
  • Terraform
• Experience with distributed systems – microservices, Kubernetes, etc.

Equinix is committed to ensuring that our employment process is open to all individuals, including those with a disability. If you are a qualified candidate and need assistance or an accommodation, please let us know by completing this form.

Equinix is an Equal Employment Opportunity and, in the U.S., an affirmative action employer. All qualified applicants will receive consideration for employment without regard to unlawful consideration of race, color, religion, creed, national or ethnic origin, ancestry, place of birth, citizenship, sex, pregnancy / childbirth or related medical conditions, sexual orientation, gender identity or expression, marital or domestic partnership status, age, veteran or military status, physical or mental disability, medical condition, genetic information, political / organizational affiliation, status as a victim or family member of a victim of crime or abuse, or any other status protected by applicable law.