Sign upLog in

Application Security Engineer

Jobot

San Francisco, CA

Apply
JOB DETAILS
SALARY
$50–$80 Per Hour
SKILLS
Adverse Events, Amazon Web Services (AWS), Analysis Skills, Application Programming Interface (API), Applications Security, Architectural Services, Artificial Intelligence (AI), Authentication, Automation, Cadence, Cloud Computing, Code Reviews, Coding Standards, Communication Skills, Consulting, Continuous Deployment/Delivery, Continuous Integration, Customer Training, Documentation, GCP (Good Clinical Practices), Git, GitHub, Go Programming Language (Golang), Incident Response, Java, JavaScript, Jenkins, Legal, Machine Tool, Microsoft Windows Azure, OAuth, Open Source, Penetration Testing, Product Engineering, Programming Languages, Python Programming/Scripting Language, Risk, Secure Coding, Security Analysis, Security Assertion Markup Language (SAML), Security Attacks, Security Infrastructure, Security Software, Service Level Agreement (SLA), Software Development, Software Engineering, Supply Chain, Threat Modeling, Willing to Travel
LOCATION
San Francisco, CA
POSTED
Today
Software Security Firm looking for Application Security Engineer

This Jobot Consulting Job is hosted by: John Erwin
Are you a fit? Easy Apply now by clicking the "Quick Apply" buttonand sending us your resume.
Salary: $50 - $80 per hour

A bit about us:

We are a Software Consulting firm working with enterprise and start companies that are AI driven and we are developing some of the most cutting edge software/security solutions platforms in the world

Why join us?
  • Competitive Compensation
  • Work on incredible projects that are fun and challenging
  • Full Benefits (Medical, Vision, Dental)
  • 401k
  • Long term Contract to Hire opportunity


Job Details

RESPONSIBILITIES
  • Perform application security assessments including manual code review, SAST, DAST, SCA, and targeted penetration testing.
  • Lead threat modeling sessions for new features, architectural changes, and AI/LLM-backed workflows with customer product and engineering teams.
  • Integrate security tooling (Semgrep, Snyk, CodeQL, GitHub Advanced Security, Burp Suite) into CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins) with minimal developer friction.
  • Triage, track, and drive remediation of findings across web, mobile, and API surfaces with developer-friendly workflows and SLAs.
  • Design and maintain secure coding standards, authentication and authorization patterns (OAuth 2.0, SAML, JWT), and training materials for customer development teams.
  • Evaluate third-party libraries, vendor integrations, and open-source dependencies for supply chain and security risk.
  • Support incident response activities and contribute to post-incident analysis with a focus on application-layer root cause.
  • Write and maintain documentation, runbooks, and architecture decision records (ADRs) for AppSec tooling, coding standards, and remediation playbooks.

QUALIFICATIONS
  • 3 to 5 years of experience in application security, penetration testing, or secure software development.
  • Strong knowledge of OWASP Top 10, CWE, and common web and API vulnerability classes.
  • Hands-on experience with at least two of the following: SAST, DAST, SCA, or IAST tools in real CI/CD environments.
  • Proficiency in one or more programming languages (Python, Go, JavaScript/TypeScript, or Java) for automation, tooling, and integration work.
  • Familiarity with modern development workflows including Git, CI/CD pipelines, and containerized environments.
  • Solid understanding of authentication and authorization frameworks (OAuth 2.0, SAML, JWT).
  • Excellent communication skills with the ability to translate security findings into actionable engineering tasks.
  • Must be located in the SF Bay Area or willing to travel to our San Francisco office on a regular cadence.

NICE TO HAVE
  • Relevant certifications such as OSCP, GWAPT, CEH, or CSSLP.
  • Experience with bug bounty programs or responsible disclosure processes.
  • Familiarity with cloud-native security (AWS, GCP, or Azure) and cloud-native workload protection.
  • Prior contributions to open-source security tooling.


Interested in hearing more? Easy Apply now by clicking the "Quick Apply" button.

Jobot is an Equal Opportunity Employer. We provide an inclusive work environment that celebrates diversity and all qualified candidates receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, age (40 and over), disability, military status, genetic information or any other basis protected by applicable federal, state, or local laws. Jobot also prohibits harassment of applicants or employees based on any of these protected categories. It is Jobot’s policy to comply with all applicable federal, state and local laws respecting consideration of unemployment status in making hiring decisions.

Sometimes Jobot is required to perform background checks with your authorization. Jobot will consider qualified candidates with criminal histories in a manner consistent with any applicable federal, state, or local law regarding criminal backgrounds, including but not limited to the Los Angeles Fair Chance Initiative for Hiring and the San Francisco Fair Chance Ordinance.

Information collected and processed as part of your Jobot candidate profile, and any job applications, resumes, or other information you choose to submit is subject to Jobot's Privacy Policy, as well as the Jobot California Worker Privacy Notice and Jobot Notice Regarding Automated Employment Decision Tools which are available at jobot.com/legal.

By applying for this job, you agree to receive calls, AI-generated calls, text messages, or emails from Jobot, and/or its agents and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here: jobot.com/privacy-policy

About the Company

J

Jobot

Jobot is on a mission to connect good people with good jobs. By combining AI-powered technology with the expertise of Jobot Pros, our experienced recruiters, we help you find career opportunities that align with your goals and values.

Founded in 2018 and employee-owned since 2024, Jobot is committed to fostering a culture of kindness, respect, innovation, and connection.  As an industry leader, we’ve been recognized as a top workplace by Forbes, Fortune, USA Today, and Staffing Industry Analysts (SIA).

Ready to find a good job? Create your profile today at Jobot.com 🤖

COMPANY SIZE
100 to 499 employees
INDUSTRY
Staffing/Employment Agencies
FOUNDED
2018
WEBSITE
http://www.jobot.com

Resume Resources

Free Resume TemplatesFree Resume Builder