← Back to AppSec
A
Abnormal Security
abnormalsecurity.com

Senior Application Security Engineer

AppSecRemote

Who you are:

  • An intellectually curious, solution-focused engineer with a security mindset who thrives in fast-paced environments
  • A technical leader who can architect secure application solutions while maintaining engineering velocity
  • Someone who thinks like an attacker but builds like a defender - understanding both offensive and defensive security principles
  • A collaborative engineer who can translate security requirements into actionable development tasks
  • A mentor who enjoys teaching secure coding practices and security architecture to junior engineers

What you will do

  • Lead threat modeling and security architecture reviews with engineering teams by translating security risks into development actions.
  • Architect, build, and maintain security tooling and integrations that enable secure development workflows (e.g., SAST, DAST, SCA, IAST tools).
  • Collaborate with Engineering, DevOps, and Platform teams to build scalable security controls via Infrastructure-as-Code and secure CI/CD pipelines.
  • Design and deploy automated security testing frameworks to identify vulnerabilities early in the development process.
  • Serve as a hands-on technical contributor during security incidents by analyzing application-level behavior and enhancing response processes.
  • Mentor and support junior engineers on secure coding practices, security architecture, and security tooling integrations.
  • Evaluate and uplift application security tooling across commercial and open-source capabilities by focusing on scale, efficiency, and precision.
  • Define and track key security posture metrics, building dashboards or reports to visualize security coverage and vulnerability trends.
  • Partner with engineering teams to implement and maintain security controls across applications and services.
  • Stay current with emerging AI/ML security threats, evaluating them for business applicability and integration.

Must Haves

  • Proven delivery in application security engineering roles, ideally in cloud-native environments with modern development practices.
  • Hands-on experience with security testing tools (SAST, DAST, SCA, IAST) and working knowledge of security automation in CI/CD pipelines.