Sr. Software Engineer/Staff Engineer (Application Security) (Remote - US)

We are committed to a culture where all employees are included, belong, and have equal opportunity to achieve their full potential. Come make a difference with us!

Learn more about BNSF and our Benefits

Job Location: REMOTE
Other Potential Locations: Remote US
Anticipated Start Date: 06/16/2025
Number of Positions: 1
Salary Range: $165,000 - $375,000

The US base salary range for this full-time position is $165,000 - $375,000 plus bonus eligibility and other elements of our total rewards package. Compensation is determined by location, skills, experience, and education. In addition to base pay, BNSF offers a comprehensive benefits package.

Apply early as this job may be removed or filled prior to the closing date, approximately seven days after posting.

The bnsf | tech department drives innovation and efficiency by developing and maintaining advanced technological solutions, ensuring a robust IT infrastructure, supporting critical applications, and enhancing cybersecurity measures. Their expertise is key to optimizing operations and delivering reliable transportation services.

This is a full-time position. Our leaders foster a culture of work-life balance, emphasizing flexibility and respect for personal needs.

We are seeking a talented and driven Application Security Engineer to join our growing security team. This role focuses on securing our web, mobile, and cloud applications through threat modeling, code reviews, penetration testing, and collaboration with developers to embed secure coding practices.

1. Lead the design, implementation, and maintenance of application security tools and systems.
2. Conduct security assessments and identify vulnerabilities.
3. Collaborate with development teams to integrate security into the SDLC.
4. Perform static and dynamic code analysis.
5. Develop and maintain automated security testing tools.
6. Participate in threat modeling and architecture reviews.
7. Manage remediation of security issues.
8. Stay current with security threats, trends, and technologies.
9. Provide technical leadership and mentorship.
10. Ensure compliance with regulatory requirements and industry standards.

• Authorized to work in the US.
• Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or related field.
• At least 5+ years of experience in application development or security.
• Knowledge of application vulnerabilities (OWASP Top 10, CWE).
• Proficiency in programming languages (Java, Python, JavaScript, Go).
• Experience with security tools (SAST, DAST, IAST, SCA, Burp Suite).
• Strong communication skills and cross-functional collaboration ability.

• Knowledge in areas like mTLS, OpenID Connect, enterprise RDBMS, various OS, Java API development, iOS apps, ESB technologies, security certifications, container/Kubernetes security, cloud security (AWS, Azure, GCP).

At BNSF, you will have access to a comprehensive benefits package including:

• Industry-leading 401(k) and Railroad Retirement.
• Health care options for you and dependents.
• Health savings accounts, life and disability insurance.
• Family benefits, wellness support, bonuses, and generous leave policies.
• More details at Benefits.

All positions require background checks, medical review, and drug screening. For more info, review our Hiring Process. Employees needing unescorted access to secure areas must obtain a TWIC card (more info).

BNSF is an Equal Opportunity Employer. All qualified applicants will be considered without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.