42 application security engineer jobs at 36 companies in Everett, MA
🚀PromotedHiringCafe
Founding Backend / Infra Engineer
Cupertino, CA, US
$160k-$300k/yrOn-SiteFull Time
HiringCafe: Building a 100× better job search engine to take on Indeed and LinkedIn.
Own the crawlers, pipelines, and infrastructure powering a real-time job search engine. Strong Node.js and Python fundamentals; bonus points for security and reverse-engineering chops.
HarbourVest: Manages global private equity, credit, and infrastructure investments.
3+ YOE3+ years experience in application security or secure software development; expertise in SAST/DAST/SCA, threat modeling, secure code review, cloud/containers/IaC, CI/CD and DevSecOps; proficiency in Java/Python/C#/JavaScript and AI-assisted coding tools; security certifications preferred.
Quanata: Developing risk prediction and telematics software for insurance companies.
4+ YOEAssociate's degree (required); 4+ years software engineering experience with ≥2 years in application security; familiarity with OWASP/ASVS/MASVS, threat modeling (STRIDE/PASTA), cloud architectures, and strong communication skills.
DatadogNASDAQ: DDOG: Observability and security platform for cloud applications and infrastructure.
Software engineering background with hands-on code review; knowledge of OWASP Top 10, SAST/DAST, API security; able to mentor engineers and define secure-by-default solutions.
Go, Python, Rust, OWASP, SAST, DAST, API security, APM, CI/CD
Boston or Carmel or Chicago or Lambertville or New York City or San Francisco or United States
$60k-$80k/yrHybridFull Time
Real Chemistry: Provides marketing and communication services for healthcare companies.
5+ YOE5+ years cloud security experience (3+ in high-growth acceptable), including 2 years focused on application security; hands-on with AWS IAM, SAML/OIDC, GitHub security tooling, threat modeling, penetration testing, and familiarity with SOC 2/GDPR/HIPAA-adjacent controls.
Boston or Chicago or Los Angeles or New York or San Francisco or Toronto or Vancouver or Vancouver
$145k-$175k/yrRemoteFull Time
Later: Provides software for social media scheduling and influencer marketing.
5+ YOE5+ years security engineering experience; strong application, cloud, and infrastructure security; SOC 2 and compliance experience; vulnerability management, IaC and CI/CD security; strong communication and software engineering skills.
OWASP, NIST, CIS Controls, SOC 2, ISO 27001, AWS Security Hub, Azure Security Center, GCP Security Command Center, SIEM, SOAR, Terraform, CloudFormation, C#, CI/CD
Sugino Corp: Manufacturer of precision industrial cleaning and machining equipment.
Provide field technical support for fire, security, and communications systems including programming, commissioning, troubleshooting, and maintaining manufacturer software; obtain required Massachusetts licensures; work in customer sites using diagnostic tools and laptop.
Seven AI: Provides autonomous AI agents for enterprise security operations.
6+ YOE6+ years in software/security engineering; strong secure application/system design knowledge; production coding in at least two of Python, TypeScript, or Rust; SAST/SCA/CSPM tooling experience; threat modeling and developer-tooling experience.
ASUSTaiwan Stock Exchange: 2357: Manufacturer of computer hardware, laptops, and consumer electronics.
8+ YOEBachelor's in CS or related, 8+ years in application/infrastructure security, hands-on cloud (GCP) and web app security (Node.js/Next.js), IAM, SAST/DAST/CI-CD integration, Terraform preferred, strong communication.
ModernaNasdaq: MRNA: Develops and manufactures messenger RNA medicines and vaccines.
5+ YOE5+ years cybersecurity or application/platform security experience with hands-on API security, threat modeling, API risk assessment, and collaboration with engineering and platform teams.
API gateways, service meshes, reverse proxies, AI Gateway
InvoiceCloud: Provides digital billing and payment solutions for essential services.
5+ YOEBachelor's degree or equivalent experience, 5+ years security engineering, 2+ years securing AI/ML systems, expertise in application/cloud security, CI/CD and MLOps integration, and familiarity with AI threat models and industry guidance.
AWS, Azure, MLOps, MLSecOps, CI/CD, SIEM, SOC, LLM, OWASP GenAI/Top 10 for LLM Applications, MITRE ATLAS, NIST AI RMF
8+ YOE8+ years relevant experience, Bachelor's or equivalent in Computer Science/Security, deep application/infrastructure/cloud-native security expertise, AI/ML security experience, experience defining security architecture and threat models, proficiency in Python or Go, compliance experience.
Seattle or Madison or Princeton or Cambridge Crossing
$138k-$183k/yrOnsiteFull Time
Bristol Myers SquibbNew York Stock Exchange: BMY: Develops and distributes innovative medicines for serious diseases.
5+ YOE5+ years in software/cloud engineering; AWS-native; Python/FastAPI; TypeScript/Node; CI/CD; experience with LLM/agentic AI; MCP/FastMCP; security, IAM, VPC; knowledge of data stores.
WHOOP: Providing wearable health trackers and physiological performance analytics.
4+ YOE4+ years in information security with focus on detection engineering, threat detection, or security operations; experience writing/tuning detections across cloud, identity, endpoint, or applications; strong scripting; familiar with detection tools (YARA, SIGMA, Suricata).
WHOOP: Wearable technology for personalized health and performance tracking.
4+ YOE4+ years in information security, detection engineering, or security operations; experience building detections across cloud, identity, endpoint, or application; familiarity with YARA, SIGMA, Suricata; strong scripting (Python/Go/PowerShell); cloud/SaaS telemetry expertise; communications skills;Bachelor’s degree in CS/Info Security or related fiel...
Flexcompute: Develops GPU-native multiphysics simulation software for hardware engineers.
Hands-on engineering in backend, DevOps/infrastructure, or security; experience securing AWS; familiarity with Terraform, CI/CD pipelines, and application/infrastructure security; experience with compliance frameworks (NIST 800-171/800-53) preferred.
Tines: No-code workflow automation for security and IT teams.
8+ YOE8+ years in product/application security, cloud-native security (AWS preferred), experience with AI/LLM-augmented tooling, vulnerability management, CI/CD security, SAST/DAST/SCA, incident response, and strong communication skills.
Experienced in designing access control, CCTV/IP, intrusion detection systems; performing site surveys; developing design packages and construction documentation; coordinating with architects/MEP/IT; familiarity with applicable codes and standards.
RTXNYSE: RTX: Provides advanced aerospace and defense systems and services.
12+ YOE12+ years applying AI/ML to deliver production systems, experience with LLMs, secure MLOps/DevSecOps, cloud and embedded deployment, and ability to obtain TS/SCI clearance (U.S. citizenship required).