Software Engineer I/II (Application Security) (Remote - US)

Press Tab to Move to Skip to Content Link

Be part of a team that values safety, inclusion, and excellence

We are one of the largest U.S. railroads transporting the nation’s freight across 28 western states and 3 Canadian provinces. As a member of our team, you will play a role in supporting the movement of essential products and materials that help feed, clothe, supply, and power communities throughout America and the world.

We are committed to a culture where all employees are included, belong, and have equal opportunity to achieve their full potential. Come make a difference with us!

• Location: REMOTE, US
• Start Date: 06/16/2025
• Positions: 1
• Salary Range: $93,750 - $206,250

The US base salary range for this full-time position is $93,750-$206,250, plus bonus eligibility and other elements of our total rewards package. Compensation is determined by factors including location, skills, experience, and education. In addition to base pay, BNSF offers a comprehensive benefits package.

Apply early as this job may be filled or removed prior to the closing date, approximately seven days after posting.

The bnsf | tech department drives innovation and efficiency by developing and maintaining advanced technological solutions. This team ensures a robust IT infrastructure, supports critical applications, and enhances cybersecurity measures, enabling BNSF to deliver reliable transportation services.

This is a full-time position. Our leaders foster a culture that values work-life balance and flexibility.

We are seeking a talented Application Security Engineer to secure our web, mobile, and cloud applications through threat modeling, code reviews, penetration testing, and collaboration with developers to embed secure coding practices.

1. Design, implement, and maintain application security tools and systems.
2. Conduct security assessments and identify vulnerabilities.
3. Collaborate with development teams to integrate security into the SDLC.
4. Perform static and dynamic code analysis.
5. Develop automated security testing tools.
6. Participate in threat modeling and architecture reviews.
7. Track and manage security issue remediation.
8. Stay current with security threats, trends, and technologies.
9. Ensure compliance with industry standards and regulations.

• Authorized to work in the US.
• Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or equivalent experience.
• Knowledge of application vulnerabilities (OWASP Top 10, CWE).
• Experience with security tools (SAST, DAST, IAST, SCA, Burp Suite).
• Strong communication skills and cross-functional collaboration.
• Fluency in multiple tech stacks such as C, C++, Java, etc.
• Experience with DevSecOps, automation, and APIs.
• Understanding of SSDLC.

• Future employment authorization considerations.
• Knowledge of mTLS, OpenID Connect, RDBMS, OS (Windows, Linux, etc.), Java APIs, and cloud security (AWS, Azure, GCP).
• Security certifications (OSCP, CISSP, etc.).

• 401(k) and Railroad Retirement.
• Health care options including medical, dental, vision, and mental health.
• Health savings accounts, life and disability insurance.
• Family benefits, discounts, and annual bonus.

Please review our FAQ and the hiring process for more details. All positions require background checks, medical review, and drug screening. For secure areas, a TWIC card may be necessary. More info at https://www.tsa.gov/for-industry/twic

BNSF Railway is an Equal Opportunity Employer, considering all qualified applicants without discrimination.