50 application security engineer jobs at 37 companies in Colorado

PromotedHiringCafe
Founding Backend / Infra Engineer
Cupertino, CA, US
$160k-$300k/yr On-SiteFull Time
HiringCafe
HiringCafe: Building a 100× better job search engine to take on Indeed and LinkedIn.
Own the crawlers, pipelines, and infrastructure powering a real-time job search engine. Strong Node.js and Python fundamentals; bonus points for security and reverse-engineering chops.
Node.js, Python, Elasticsearch, Redis
1w
Save
Mark Applied
Hide
Staff Security Engineer, Application Security
Chicago or California or Colorado or Florida or Georgia or Illinois or Indiana or Minnesota or Missouri or Montana or New Jersey or New York or North Carolina or Ohio or Oregon or Pennsylvania or South Carolina or Texas or Utah or Vermont or Virginia or Washington or Washington or Wisconsin
$210k-$260k/yr HybridFull Time
NinjaTrader
NinjaTrader: Provides futures brokerage services and a trading software platform.
7+ YOE7+ years in application/product/security engineering; hands-on threat modeling, vulnerability management, secure design, CI/CD integration, automation using Python/Go; experience with cloud-native AWS/GCP environments.
AWS, GCP, Python, Go, SAST, SCA, DAST, CI/CD, AI/LLMs
1mo
Save
Mark Applied
Hide
Senior Application Security Engineer
Broomfield, Colorado, United States
HybridFull Time
Recurly
Recurly: Automates subscription billing and management for recurring revenue businesses.
Experience developing in multiple languages, DevSecOps collaboration, managing bug bounty programs, integrating AI/ML into security pipelines, using SAST/DAST/SCA tools, Burp Suite, Terraform, Graylog, GCP, and Kubernetes.
Ruby, Go, Rust, JavaScript, Cloud Armor WAF, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Bug Bounty Programs, Containers, Git, Terraform, Graylog, GCP, Kubernetes, Burp Suite, AI/ML
4d
Save
Mark Applied
Hide
Application Security Engineer, Lead
Colorado Springs, Colorado, United States
$99k-$225k/yr OnsiteFull Time
Booz Allen Hamilton
Booz Allen HamiltonNYSE: BAH: Provides technology and management consulting services to diverse organizations.
5+ YOE5+ years application security experience with micro/macro-segmentation, WAFs, next-generation firewalls, application delivery, DoD networks, and eligibility for Secret clearance.
Palo Alto, Cisco, Fortinet, Juniper, Illumio, F5, Nginx, A10, NetScaler, Panorama, F5 BIG-IP Application Security Manager (ASM), Advanced Web Application Firewall (AWAF), Terraform, Visual Studio Code, Azure, AWS
3d
Save
Mark Applied
Hide
Application Security Engineer, Lead
Colorado Springs, Colorado, United States
$99k-$225k/yr HybridFull Time
Booz Allen Hamilton
Booz Allen HamiltonNYSE: BAH: Consulting and technology services for government and commercial clients
5+ YOE5+ years implementing application security (micro/macro-segmentation, WAFs), experience with next-gen firewalls and application delivery, DoD networks, Secret clearance, HS diploma/GED.
Palo Alto, Cisco, Fortinet, Juniper, Illumio, F5, Nginx, A10, NetScaler, Panorama, F5 BIG-IP Application Security Manager (ASM), Advanced Web Application Firewall (AWAF), Terraform, VS Code, Azure, AWS
1mo
Save
Mark Applied
Hide
Sr. Application Security Engineer
Denver, Colorado, United States
$130k-$165k/yr HybridFull Time
Vertafore
VertaforeNYSE: ROP: Provides cloud-based software solutions for the insurance industry.
7+ YOE7+ years in application/product/cloud security; Bachelor's in relevant field or equivalent experience; hands-on experience with threat modeling, secure SDLC, vulnerability management, CI/CD security, cloud (AWS/Azure), API and AI security; strong communication skills.
SAST, DAST, SCA, IaC scanning, container scanning, API security testing, secrets scanning, AI runtime scanning, WAF, CNAPP, CSPM, CI/CD, SIEM, AWS, Azure, OWASP ASVS, NIST CSF, NIST SSDF, OWASP SAMM
3w
Save
Mark Applied
Hide
Senior Application Security Engineer
Seattle or Los Angeles or San Francisco or California or Colorado or Connecticut or Delaware or Hawaii or Illinois or Maine or Maryland or Massachusetts or Minnesota or Nevada or New Jersey or New York or Rhode Island or Virginia or Washington or Washington DC or United States
$141k-$259k/yr OnsiteFull Time
Nordstrom
Nordstrom: Operates luxury department stores and off-price retail outlets.
4+ YOE4+ years in application security or related field; experience shipping security tooling and automation; expert threat modeling, security design review, and manual code review; fluent reading/writing code in Java, Kotlin, C#, or Python; cloud-native and LLM/AI security knowledge.
Java, Kotlin, C#, Python, SAST, SCA, DAST, secrets scanning, GitHub Advanced Security, JFrog Artifactory, AWS, GCP, Azure, Kubernetes, LLM
3mo
Save
Mark Applied
Hide
Senior Application Security Engineer
Denver or Long Beach
$145k-$205k/yr HybridFull Time
True Anomaly
True Anomaly: Develops autonomous spacecraft and software for space security missions.
5+ YOE5+ years in application security; experience with NIST 800-171/800-53, FedRAMP or CMMC; code in Python/Elixir/C++/JS; cloud security (Azure/AWS/GCP); DoD clearance eligibility.
CodeQL, Semgrep, JFrog Xray, DAST tools, Terraform, Bicep, Pulumi, Kubernetes
3mo
Save
Mark Applied
Hide
Senior Application Security Engineer
Spring or Durham or Alpharetta or Fort Collins
$106k-$243k/yr HybridFull Time
Hewlett Packard Enterprise
Hewlett Packard EnterpriseNYSE: HPE: Providing global edge-to-cloud infrastructure and IT solutions for businesses.
5+ YOE5–8+ years in application security; CI/CD security; SBOM/NIST/SSDF knowledge; secrets management; WAF and API security; SAST/DAST/SCA; cloud security; programming in Python/Java/Go/Node.js.
GitHub, GitLab, Jenkins, Sigstore, Cosign, WAF, SAST, DAST, SCA, container scanning, AWS, Azure, GCP, Python, Java, Go, JavaScript
3mo
Save
Mark Applied
Hide
Senior Application Security Engineer
Spring or Durham or Alpharetta or Fort Collins
$112k-$243k/yr HybridFull Time
Hewlett Packard Enterprise
Hewlett Packard EnterpriseNYSE: HPE: Provides global edge-to-cloud technology solutions and IT infrastructure services.
5+ YOE5–8+ years in Application Security; hands-on pipeline security; SLSA/NIST SSDF; secrets management; WAF and API security; multiple programming languages; cloud security; OWASP Top 10; SBOM/CI-CD tooling.
GitHub, GitLab, Jenkins, Sigstore, Cosign, SAST, DAST, SCA, Container scanning, WAF, SBOM tooling, IaC scanning
3mo
Save
Mark Applied
Hide
Senior Application Security Engineer
Spring or Durham or Alpharetta or Fort Collins
$112k-$212k/yr HybridFull Time
Hewlett Packard Enterprise
Hewlett Packard EnterpriseNYSE: HPE: Provides edge-to-cloud IT infrastructure and platform services.
5+ YOE5–8+ years in application security; secure CI/CD pipelines; SLSA/NIST SSDF; secrets management; WAF; API security; SAST/DAST/SCA; cloud security; programming languages (Python/Java/Go/Node.js).
GitHub, GitLab, Jenkins, Sigstore, Cosign, SAST, DAST, SCA, WAF, OWASP, MITRE ATLAS, Cloud security (AWS/Azure/GCP)
3mo
Save
Mark Applied
Hide
Staff/Sr. Staff Application Security Engineer
Boulder, Colorado, United States
$96k-$146k/yr OnsiteFull Time
SciTec
SciTec: Provides advanced remote sensing and missile defense technology solutions.
2+ YOEBachelor’s degree + 2+ years in cybersecurity or software development; 2+ years in application security; ability to obtain DoD/DoE Secret clearance; strong communication and problem-solving; DoD 8140.01 readiness.
SAST tools, SCA tools, Fuzzing tools, Static analysis tools, Code review tools, CI/CD security tooling, Ghidra, IDA Pro, strace, eBPF, Coverity, Klocwork, SonarQube, Snyk, Sonatype, Anchore, JFrog Xray
1w
Save
Mark Applied
Hide
Product Security Engineer
Irvine or Newport Beach or Denver or Seattle or San Francisco
$185k-$220k/yr HybridFull Time
Compa
Compa: AI-powered compensation intelligence platform for enterprise teams.
5+ YOE5+ years software engineering experience, application and cloud security reviews, threat modeling, secure SDLC, cloud-native and IAM knowledge, strong systems thinking and communication skills.
AWS, SAML, SCIM, RBAC, CI/CD, IAM, infrastructure-as-code, containers
1mo
Save
Mark Applied
Hide
Sales Engineer (Application Security)
Texas or Oklahoma or Arizona or Washington or Missouri or Illinois or Colorado or Oregon
RemoteFull Time
Thales
ThalesEuronext Paris: HO: Develops electronics and digital systems for aerospace and defense.
5+ YOE5+ years sales engineering experience in application/security domains (DDoS, WAF, API management, bot management); strong application security knowledge; foundational networking protocols; hands-on cloud/container experience (AWS/Azure/GCP, K8s, Docker); strong presentation and consultative-selling skills.
AWS, Azure, GCP, K8s, Docker, SIEM, DevOps, DevSecOps, TCP/IP, DNS, TLS, HTTP, CDN
3mo
Save
Mark Applied
Hide
Senior Product Security Engineer (Active Clearance)
Fort Collins, Colorado, United States
$144k-$191k/yr OnsiteFull Time
Anduril Industries
Anduril Industries: Defense technology building autonomous military hardware and software.
8+ YOE8+ years of experience; bachelor's degree; programming in C/C++, Golang, Rust, or Python; security of firmware, applications, networks, or embedded systems; embedded/Linux development; anti-tamper/reverse engineering awareness; strong communication; eligibility for U.S. TS clearance.
C/C++, Golang, Rust, Python, Linux, Embedded Systems, Firmware, Security Testing, Threat Modeling
1mo
Save
Mark Applied
Hide
Security Engineer
Denver, Colorado, United States
$115k-$130k/yr HybridFull Time
Ibotta
IbottaNYSE: IBTA: Provides a cash-back rewards and performance marketing platform.
4+ YOE4+ years in security engineering or application security; proficiency with Python/Go/Java, Docker/Kubernetes, AWS/GCP, Terraform, CI/CD and SAST/DAST/SCA tools; experience with threat modeling, bug bounty programs, and on-call incident response.
Python, Go, Java, Docker, Kubernetes, SAST, DAST, SCA, CI/CD, Terraform, AWS, GCP, OWASP Top 10
1mo
Save
Mark Applied
Hide
Staff Security Engineer
New York City or Denver or Dallas or Miami or United States
$169k-$210k/yr RemoteFull Time
Rightway
Rightway: Healthcare navigation and transparent pharmacy benefit management services.
8+ YOE8+ years security engineering experience across application and cloud security, strong AWS security and IaC knowledge, experience in regulated environments (healthcare), ability to read backend code (Ruby, Node.js, Java), and experience with AI/LLM security guidance.
AWS, Terraform, CI/CD, SAML 2.0, OAuth, OIDC, Ruby, Node.js, Java, OWASP Top 10 for LLM Applications, OWASP GenAI Security Project
1mo
Save
Mark Applied
Hide
Sales Engineer (Application Security)
Texas or Oklahoma or Arizona or Washington or Missouri or Illinois or Colorado or Oregon
RemoteFull Time
Thales
ThalesEuronext Paris: HO: Designs and manufactures electronic systems for aerospace and defense.
5+ YOE5+ years sales engineering experience in application security (DDoS, WAF, API, bot management); strong networking fundamentals (TCP/IP, DNS, TLS, HTTP, CDN); hands-on with AWS/Azure/GCP, K8s, Docker; consultative selling; up to 30% travel; must be authorized to work in the US.
AWS, Azure, GCP, K8s, Docker, TCP/IP, DNS, TLS, HTTP, CDN, SIEM
1mo
Save
Mark Applied
Hide
Principal Application Security Architect - 861
Broomfield, Colorado, United States
$184k-$230k/yr OnsiteFull Time
Quantinuum
Quantinuum: Building full-stack quantum computing hardware and software systems.
10+ YOEBachelor's degree; 10+ years in app security; 5+ years software engineering; US person; security and compliance expertise.
SAST, DAST, CI/CD, OWASP Top 10, AWS, Azure, GCP, Python, Java, JavaScript, Go, Jenkins, Git
1mo
Save
Mark Applied
Hide
Lead Technical Application Engineer - Nuclear Steam Turbine Controls Upgrades
Longmont, Colorado, United States
$108k-$180k/yr OnsiteFull Time
GE Vernova
GE VernovaNYSE: GEV: Designs and services technologies for global power generation and electrification.
5+ YOELead evaluation of nuclear steam turbine controls upgrades; bachelor in engineering; 5+ years turbine controls; 2+ years nuclear; travel up to 15%.
Mark VIe, Control system, HMI, Cybersecurity
1w
Save
Mark Applied
Hide
AI Security Engineer
Denver, Colorado, United States
$150k-$178k/yr HybridFull Time
Litera
Litera: AI-powered document and workflow software for legal professionals.
3+ YOE3+ years cybersecurity experience with 1–2 years focused on AI/ML or application security; knowledge of LLM risks, threat modeling, SAST/DAST, secrets management, CI/CD and cloud security; strong communication skills.
LangChain, Azure OpenAI, Amazon Bedrock, Kubernetes, AWS, Azure, Garak, PyRIT, Counterfit, SAST, DAST, CI/CD

Explore Jobs

Expand Your Job Search