204 application security engineer jobs at 144 companies in California
🚀PromotedHiringCafe
Founding Backend / Infra Engineer
Cupertino, CA, US
$160k-$300k/yrOn-SiteFull Time
HiringCafe: Building a 100× better job search engine to take on Indeed and LinkedIn.
Own the crawlers, pipelines, and infrastructure powering a real-time job search engine. Strong Node.js and Python fundamentals; bonus points for security and reverse-engineering chops.
Brex: Corporate cards and spend management software for businesses.
8+ YOE8+ years in application/product security or related software engineering; technical leadership and mentorship experience; expertise in AI security, threat modeling, cloud-native container security (AWS, Kubernetes); proficiency in Python/Go; strong communication skills.
BitGoNYSE: BTGO: Provides secure infrastructure for institutional digital asset management.
8+ YOE8+ years building and scaling application security programs for FinTech/Web3; strong engineering background in distributed systems, Python or Java, Kubernetes, AWS, Terraform; experience with SAST/DAST, CI/CD security automation, KMS/encryption, SOC 2/GDPR controls, and securing AI/ML lifecycles.
Zeta GlobalNYSE: ZETA: Provides an AI-powered marketing platform for enterprise customer engagement.
5+ YOEBachelor's or equivalent,5+ years application security experience,knowledge of OWASP and threat modeling,AI/ML security familiarity,cloud and container experience,experience with security automation and tooling.
Serval: AI platform for automating IT and enterprise service workflows.
10+ YOE10+ years in cybersecurity with deep expertise in application security, secure SDLC, vulnerability management, secure cloud-native architecture, leadership experience, and strong software engineering skills.
Tatari: A platform for buying and measuring TV advertising campaigns.
Production Python experience, significant hands-on application security experience, threat modeling, building security tooling/automation, familiarity with AWS and Kubernetes, and SAST/DAST/SCA/CI-CD integration.
Python, Java, Rust, AWS, Kubernetes, OWASP Top 10, API Security Top 10, ASVS, SPVS, AISVS, SAST, DAST, SCA, CI/CD
4+ YOE4+ years in application security or software security engineering; writing production code; strong auth: OAuth 2.0, OIDC, SAML; experience with AWS and containers; Go/TypeScript; security tooling; incident response.
ServiceNowNYSE: NOW: Provides a cloud platform for automating enterprise digital workflows.
5+ YOE5+ years in application security, 3+ years penetration testing, experience with SAST/DAST, Snyk, GitHub Dependabot, Burp Suite, Python/Golang, cloud security (AWS/GCP/Azure), and AI/LLM security; BS or equivalent.
HeartFlowNASDAQ: HTFL: Provides AI-driven non-invasive cardiac diagnostic software and analysis.
5+ YOE5+ years experience, ≥1 year in application security or security work in development; BS or equivalent/certifications; experience with secure SDLC, threat modeling, SAST/DAST/SCA, and vulnerability management.
Braintrust: Platform for evaluating and monitoring AI model performance.
5+ YOE5+ years in application security or backend engineering; strong skills in TypeScript/Node.js, Python, Go, or Rust; deep web/API vulnerability knowledge; experience building secure-by-default libraries; authn/authz design; multi-tenant data isolation; secrets management; VS real-time data platform familiarity.
Chicago or California or Colorado or Florida or Georgia or Illinois or Indiana or Minnesota or Missouri or Montana or New Jersey or New York or North Carolina or Ohio or Oregon or Pennsylvania or South Carolina or Texas or Utah or Vermont or Virginia or Washington or Washington or Wisconsin
$210k-$260k/yrHybridFull Time
NinjaTrader: Provides futures brokerage services and a trading software platform.
7+ YOE7+ years in application/product/security engineering; hands-on threat modeling, vulnerability management, secure design, CI/CD integration, automation using Python/Go; experience with cloud-native AWS/GCP environments.
Ivo: AI-powered contract review and intelligence platform for legal teams.
4+ YOE5+ years in application security; hands-on web pen testing; TypeScript/Node and Python; cloud security in GCP/Azure; manage pen tests; secure coding; strong communication.
United States or Canada or San Francisco or New York City or Seattle
$190k-$273k/yrRemoteFull Time
Apollo.io: AI-powered platform for B2B sales intelligence and outreach automation.
5+ YOE5+ years software engineering or application security experience; strong coding skills (Ruby, Python), Linux and GCP familiarity, deep AppSec/vulnerability management, pen-testing and SAST experience, AI security, and strong communication.
iHerb: Global e-commerce retailer of health and wellness products.
8+ YOE8+ years technical security leadership, SDL and automation experience, strong application/cloud security knowledge, proficiency with threat modeling and security tooling, degree or equivalent experience.
Anthropic: Developing safe and reliable artificial intelligence systems.
Hands-on application and infrastructure security experience, production-quality coding in Python/Go/Rust/TypeScript, threat-modeling, vulnerability ID, clear communication, and ability to assess unfamiliar codebases under time pressure.
Brain Co.: Builds AI software platforms for governments and large enterprises.
5+ YOE5+ years in application or product security; hands-on security tooling and coding; strong knowledge of application security fundamentals; experience with AI-enabled security.