50 application security engineer jobs at 37 companies in Colorado
🚀PromotedHiringCafe
Founding Backend / Infra Engineer
Cupertino, CA, US
$160k-$300k/yrOn-SiteFull Time
HiringCafe: Building a 100× better job search engine to take on Indeed and LinkedIn.
Own the crawlers, pipelines, and infrastructure powering a real-time job search engine. Strong Node.js and Python fundamentals; bonus points for security and reverse-engineering chops.
Chicago or California or Colorado or Florida or Georgia or Illinois or Indiana or Minnesota or Missouri or Montana or New Jersey or New York or North Carolina or Ohio or Oregon or Pennsylvania or South Carolina or Texas or Utah or Vermont or Virginia or Washington or Washington or Wisconsin
$210k-$260k/yrHybridFull Time
NinjaTrader: Provides futures brokerage services and a trading software platform.
7+ YOE7+ years in application/product/security engineering; hands-on threat modeling, vulnerability management, secure design, CI/CD integration, automation using Python/Go; experience with cloud-native AWS/GCP environments.
Booz Allen HamiltonNYSE: BAH: Provides technology and management consulting services to diverse organizations.
5+ YOE5+ years application security experience with micro/macro-segmentation, WAFs, next-generation firewalls, application delivery, DoD networks, and eligibility for Secret clearance.
VertaforeNYSE: ROP: Provides cloud-based software solutions for the insurance industry.
7+ YOE7+ years in application/product/cloud security; Bachelor's in relevant field or equivalent experience; hands-on experience with threat modeling, secure SDLC, vulnerability management, CI/CD security, cloud (AWS/Azure), API and AI security; strong communication skills.
Seattle or Los Angeles or San Francisco or California or Colorado or Connecticut or Delaware or Hawaii or Illinois or Maine or Maryland or Massachusetts or Minnesota or Nevada or New Jersey or New York or Rhode Island or Virginia or Washington or Washington DC or United States
$141k-$259k/yrOnsiteFull Time
Nordstrom: Operates luxury department stores and off-price retail outlets.
4+ YOE4+ years in application security or related field; experience shipping security tooling and automation; expert threat modeling, security design review, and manual code review; fluent reading/writing code in Java, Kotlin, C#, or Python; cloud-native and LLM/AI security knowledge.
True Anomaly: Develops autonomous spacecraft and software for space security missions.
5+ YOE5+ years in application security; experience with NIST 800-171/800-53, FedRAMP or CMMC; code in Python/Elixir/C++/JS; cloud security (Azure/AWS/GCP); DoD clearance eligibility.
Hewlett Packard EnterpriseNYSE: HPE: Providing global edge-to-cloud infrastructure and IT solutions for businesses.
5+ YOE5–8+ years in application security; CI/CD security; SBOM/NIST/SSDF knowledge; secrets management; WAF and API security; SAST/DAST/SCA; cloud security; programming in Python/Java/Go/Node.js.
SciTec: Provides advanced remote sensing and missile defense technology solutions.
2+ YOEBachelor’s degree + 2+ years in cybersecurity or software development; 2+ years in application security; ability to obtain DoD/DoE Secret clearance; strong communication and problem-solving; DoD 8140.01 readiness.
Irvine or Newport Beach or Denver or Seattle or San Francisco
$185k-$220k/yrHybridFull Time
Compa: AI-powered compensation intelligence platform for enterprise teams.
5+ YOE5+ years software engineering experience, application and cloud security reviews, threat modeling, secure SDLC, cloud-native and IAM knowledge, strong systems thinking and communication skills.
Anduril Industries: Defense technology building autonomous military hardware and software.
8+ YOE8+ years of experience; bachelor's degree; programming in C/C++, Golang, Rust, or Python; security of firmware, applications, networks, or embedded systems; embedded/Linux development; anti-tamper/reverse engineering awareness; strong communication; eligibility for U.S. TS clearance.
IbottaNYSE: IBTA: Provides a cash-back rewards and performance marketing platform.
4+ YOE4+ years in security engineering or application security; proficiency with Python/Go/Java, Docker/Kubernetes, AWS/GCP, Terraform, CI/CD and SAST/DAST/SCA tools; experience with threat modeling, bug bounty programs, and on-call incident response.
New York City or Denver or Dallas or Miami or United States
$169k-$210k/yrRemoteFull Time
Rightway: Healthcare navigation and transparent pharmacy benefit management services.
8+ YOE8+ years security engineering experience across application and cloud security, strong AWS security and IaC knowledge, experience in regulated environments (healthcare), ability to read backend code (Ruby, Node.js, Java), and experience with AI/LLM security guidance.
AWS, Terraform, CI/CD, SAML 2.0, OAuth, OIDC, Ruby, Node.js, Java, OWASP Top 10 for LLM Applications, OWASP GenAI Security Project
Texas or Oklahoma or Arizona or Washington or Missouri or Illinois or Colorado or Oregon
RemoteFull Time
ThalesEuronext Paris: HO: Designs and manufactures electronic systems for aerospace and defense.
5+ YOE5+ years sales engineering experience in application security (DDoS, WAF, API, bot management); strong networking fundamentals (TCP/IP, DNS, TLS, HTTP, CDN); hands-on with AWS/Azure/GCP, K8s, Docker; consultative selling; up to 30% travel; must be authorized to work in the US.
Lead Technical Application Engineer - Nuclear Steam Turbine Controls Upgrades
Longmont, Colorado, United States
$108k-$180k/yrOnsiteFull Time
GE VernovaNYSE: GEV: Designs and services technologies for global power generation and electrification.
5+ YOELead evaluation of nuclear steam turbine controls upgrades; bachelor in engineering; 5+ years turbine controls; 2+ years nuclear; travel up to 15%.
Litera: AI-powered document and workflow software for legal professionals.
3+ YOE3+ years cybersecurity experience with 1–2 years focused on AI/ML or application security; knowledge of LLM risks, threat modeling, SAST/DAST, secrets management, CI/CD and cloud security; strong communication skills.