151 application security engineer jobs at 107 companies in Berkeley, CA
🚀PromotedHiringCafe
Founding Backend / Infra Engineer
Cupertino, CA, US
$160k-$300k/yrOn-SiteFull Time
HiringCafe: Building a 100× better job search engine to take on Indeed and LinkedIn.
Own the crawlers, pipelines, and infrastructure powering a real-time job search engine. Strong Node.js and Python fundamentals; bonus points for security and reverse-engineering chops.
Brex: Corporate cards and spend management software for businesses.
8+ YOE8+ years in application/product security or related software engineering; technical leadership and mentorship experience; expertise in AI security, threat modeling, cloud-native container security (AWS, Kubernetes); proficiency in Python/Go; strong communication skills.
BitGoNYSE: BTGO: Provides secure infrastructure for institutional digital asset management.
8+ YOE8+ years building and scaling application security programs for FinTech/Web3; strong engineering background in distributed systems, Python or Java, Kubernetes, AWS, Terraform; experience with SAST/DAST, CI/CD security automation, KMS/encryption, SOC 2/GDPR controls, and securing AI/ML lifecycles.
Zeta GlobalNYSE: ZETA: Provides an AI-powered marketing platform for enterprise customer engagement.
5+ YOEBachelor's or equivalent,5+ years application security experience,knowledge of OWASP and threat modeling,AI/ML security familiarity,cloud and container experience,experience with security automation and tooling.
Serval: AI platform for automating IT and enterprise service workflows.
10+ YOE10+ years in cybersecurity with deep expertise in application security, secure SDLC, vulnerability management, secure cloud-native architecture, leadership experience, and strong software engineering skills.
Tatari: A platform for buying and measuring TV advertising campaigns.
Production Python experience, significant hands-on application security experience, threat modeling, building security tooling/automation, familiarity with AWS and Kubernetes, and SAST/DAST/SCA/CI-CD integration.
Python, Java, Rust, AWS, Kubernetes, OWASP Top 10, API Security Top 10, ASVS, SPVS, AISVS, SAST, DAST, SCA, CI/CD
4+ YOE4+ years in application security or software security engineering; writing production code; strong auth: OAuth 2.0, OIDC, SAML; experience with AWS and containers; Go/TypeScript; security tooling; incident response.
ServiceNowNYSE: NOW: Provides a cloud platform for automating enterprise digital workflows.
5+ YOE5+ years in application security, 3+ years penetration testing, experience with SAST/DAST, Snyk, GitHub Dependabot, Burp Suite, Python/Golang, cloud security (AWS/GCP/Azure), and AI/LLM security; BS or equivalent.
HeartFlowNASDAQ: HTFL: Provides AI-driven non-invasive cardiac diagnostic software and analysis.
5+ YOE5+ years experience, ≥1 year in application security or security work in development; BS or equivalent/certifications; experience with secure SDLC, threat modeling, SAST/DAST/SCA, and vulnerability management.
Braintrust: Platform for evaluating and monitoring AI model performance.
5+ YOE5+ years in application security or backend engineering; strong skills in TypeScript/Node.js, Python, Go, or Rust; deep web/API vulnerability knowledge; experience building secure-by-default libraries; authn/authz design; multi-tenant data isolation; secrets management; VS real-time data platform familiarity.
Ivo: AI-powered contract review and intelligence platform for legal teams.
4+ YOE5+ years in application security; hands-on web pen testing; TypeScript/Node and Python; cloud security in GCP/Azure; manage pen tests; secure coding; strong communication.
United States or Canada or San Francisco or New York City or Seattle
$190k-$273k/yrRemoteFull Time
Apollo.io: AI-powered platform for B2B sales intelligence and outreach automation.
5+ YOE5+ years software engineering or application security experience; strong coding skills (Ruby, Python), Linux and GCP familiarity, deep AppSec/vulnerability management, pen-testing and SAST experience, AI security, and strong communication.
Anthropic: Developing safe and reliable artificial intelligence systems.
Hands-on application and infrastructure security experience, production-quality coding in Python/Go/Rust/TypeScript, threat-modeling, vulnerability ID, clear communication, and ability to assess unfamiliar codebases under time pressure.
Brain Co.: Builds AI software platforms for governments and large enterprises.
5+ YOE5+ years in application or product security; hands-on security tooling and coding; strong knowledge of application security fundamentals; experience with AI-enabled security.
Seattle or Los Angeles or San Francisco or California or Colorado or Connecticut or Delaware or Hawaii or Illinois or Maine or Maryland or Massachusetts or Minnesota or Nevada or New Jersey or New York or Rhode Island or Virginia or Washington or Washington DC or United States
$141k-$259k/yrOnsiteFull Time
Nordstrom: Operates luxury department stores and off-price retail outlets.
4+ YOE4+ years in application security or related field; experience shipping security tooling and automation; expert threat modeling, security design review, and manual code review; fluent reading/writing code in Java, Kotlin, C#, or Python; cloud-native and LLM/AI security knowledge.
Nclusion: Provides digital banking and payment infrastructure for unbanked populations.
10+ YOE10+ years in software or application security; strong programming in Go, Python, Java, TypeScript, or C++; experience with Kubernetes, Terraform, threat modeling, API security, IAM concepts, and secure CI/CD; pragmatic balance of developer productivity and risk.