Enable job alerts via email!

Senior Application Security Engineer

Branch Metrics

California (MO)

Hybrid

USD 165,000 - 210,000

Full time

Today

Be an early applicant

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

An innovative firm is on the lookout for a Senior Application Security Engineer to enhance its security practices within the engineering team. This pivotal role involves assessing and maturing the secure software development lifecycle (SDLC), implementing security best practices, and fostering a culture of security through the Security Champions program. The ideal candidate will possess extensive experience in application security, API security, and vulnerability management. Join a collaborative environment where your expertise will directly influence the security posture of a leading digital solutions provider, ensuring robust and secure interactions across platforms.

Qualifications

5+ years as a Security Engineer focusing on application security.
Experience with OWASP Top 10 for Web Apps & APIs.

Responsibilities

Assess secure SDLC processes and recommend security best practices.
Collaborate on developing the Security Champions program.

Skills

Application Security

API Security

Vulnerability Scanning

OWASP Top 10

SAST

DAST

Compliance Reporting

Analytical Skills

Communication Skills

Education

Bachelor's in Computer Science

Master's in Computer Engineering

Tools

API Gateways

Microservices

Cloud Components

At Branch, we’re transforming how brands and users interact across digital platforms. Our mobile marketing and deep linking solutions are trusted to deliver seamless experiences that increase ROI, decrease wasted spend, and eliminate siloed attribution. Our Branch team consists of smart, humble, and collaborative people who value ownership over all. Everything we do is centered around creating a great product, team, and company that lives and breathes our motto : Build Together, Grow Together, Win Together.

We are seeking an experienced, Senior Application Security Engineer reporting directly to the Head of Security. The ideal candidate will bring a combination of strong technical skills, experience with application security, and ability to collaborate with the Engineering team. This position will have a significant impact on maturing our SDLC and implementing security best practices. This important role will help develop and implement the security champions program within our Engineering organization and drive security maturity across the organization.

As a Senior Application Security Engineer, you’ll get to :

Work with the engineering team to assess current secure SDLC processes and make recommendations on security best practices.
Collaborate with the security team on developing and implementing the Security Champions program.
Demonstrate subject matter expertise in AppSec, DAST, SAST, SCA / SBOM, OWASP Top 10, API Security and other relevant areas.
Identify tools for code scanning and work with Engineers on procedures for code testing.
Respond to vulnerabilities from our bug bounty program and drive remediation with Engineering teams.
Work with Engineering and Product teams on identity and access management to systems and tools to ensure principle of least privilege.
Assist with the sales enablement process and participate on customer calls to address remediation efforts.
Participate in compliance efforts such as SOC2, ISO, and HIPAA / HITRUST audits.
Educate the Engineering team on secure coding practices and procedures.

You’ll be a good fit if you have :

At least 5+ years experience as a Security Engineer focusing on application security, infrastructure security, or security operations.
Bachelor's / master’s degree in computer science, Computer Engineering, (or equivalent experience).
Experience in the following domains : APIs Security, Vulnerability Scan, compliance and threat detection, OWASP Top 10 API Security, Web App Security, AppSec, SAST, DAST, and SCA (Software composition analysis).
Experience with different enterprise components to publish and use APIs (e.g., API Gateways, Microservices, Cloud Components).
Experience with Mobile application development and SDKs.
Experience with security testing for server-side SDKs.
Experience with API security testing, vulnerability scan and compliance reporting.
Experience with OWASP Top 10 for Web App & APIs.
Experience with OpenAPI, and other common formats for organizing and functionally testing REST APIs.
Excellent analytical, written, and verbal communication skills – capable of explaining complex requirements in simple words.
Comfortable with conflicts and capable of influencing cross-functional teams.
Any programming or integration experience in the past will be highly beneficial.

Nice to Haves :

Knowledge or experience with deep linking technologies.
Experience with regulatory and compliance frameworks such as NIST, SOC2, ISO, PCI, and HIPAA.

In accordance with applicable law, the following represents a reasonable estimated compensation range for this role : the estimated pay range for this role, if based in Remote CA is $165,000 - $210,000.

Please note that this information is provided for those hired in Remote CA only. Compensation for candidates outside of Remote CA will be based on the candidate’s specific work location.

Actual compensation will be determined based on skills, experience, and geographic location and may be more or less than the amount shown above.

This role is 100% remote in California. This role is not eligible for remote work in any other location.

Create a job alert for this search

Senior Application Security Engineer • Remote - California, US

Get your free, confidential resume review.

or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.

Similar jobs