151 application security engineer jobs at 107 companies in Pleasanton, CA

PromotedHiringCafe
Founding Backend / Infra Engineer
Cupertino, CA, US
$160k-$300k/yr On-SiteFull Time
HiringCafe
HiringCafe: Building a 100× better job search engine to take on Indeed and LinkedIn.
Own the crawlers, pipelines, and infrastructure powering a real-time job search engine. Strong Node.js and Python fundamentals; bonus points for security and reverse-engineering chops.
Node.js, Python, Elasticsearch, Redis
3w
Save
Mark Applied
Hide
Staff Application Security Engineer
San Francisco or United States
$240k-$300k/yr HybridFull Time
Brex
Brex: Corporate cards and spend management software for businesses.
8+ YOE8+ years in application/product security or related software engineering; technical leadership and mentorship experience; expertise in AI security, threat modeling, cloud-native container security (AWS, Kubernetes); proficiency in Python/Go; strong communication skills.
Python, Go, Kotlin, gRPC, GraphQL, Kubernetes, AWS, LLM
1w
Save
Mark Applied
Hide
Senior Security Application Engineer
Palo Alto, California, United States
$200k-$235k/yr OnsiteFull Time
BitGo
BitGoNYSE: BTGO: Provides secure infrastructure for institutional digital asset management.
8+ YOE8+ years building and scaling application security programs for FinTech/Web3; strong engineering background in distributed systems, Python or Java, Kubernetes, AWS, Terraform; experience with SAST/DAST, CI/CD security automation, KMS/encryption, SOC 2/GDPR controls, and securing AI/ML lifecycles.
SAST, DAST, CI/CD, Terraform, Kubernetes, AWS, Python, Java, KMS, MLOps, LLM
3d
Save
Mark Applied
Hide
Lead Application Security Engineer
San Francisco, California, United States
$140k-$180k/yr RemoteFull Time
Zeta Global
Zeta GlobalNYSE: ZETA: Provides an AI-powered marketing platform for enterprise customer engagement.
5+ YOEBachelor's or equivalent,5+ years application security experience,knowledge of OWASP and threat modeling,AI/ML security familiarity,cloud and container experience,experience with security automation and tooling.
React, Node.js, Django, FastAPI, OAuth2, OIDC, JWT, AWS, GCP, Azure, Docker, Kubernetes, Semgrep, SonarQube, Burp Suite, OWASP ZAP, Trivy, Snyk, GitHub Advanced Security
2mo
Save
Mark Applied
Hide
Staff Application Security Engineer
New York or San Francisco or London
$185k-$260k/yr OnsiteFull Time
Bitwise Asset Management
Bitwise Asset Management: Specialized crypto-focused asset manager and index fund provider.
7+ YOE7+ years in application security, hands-on SAST/DAST, secure SDLC and CI/CD security, dependency and supply-chain security, threat modeling (STRIDE/PASTA), penetration test coordination, secrets management experience.
SAST, DAST, CI/CD, Socket.dev, HashiCorp Vault, AWS Secrets Manager, STRIDE, PASTA
3w
Save
Mark Applied
Hide
Security Engineer, Application Security
San Francisco, California, United States
$200k-$325k/yr OnsiteFull Time
Serval
Serval: AI platform for automating IT and enterprise service workflows.
10+ YOE10+ years in cybersecurity with deep expertise in application security, secure SDLC, vulnerability management, secure cloud-native architecture, leadership experience, and strong software engineering skills.
SAST, DAST, SCA, secrets scanning, fuzzing, CI/CD
1mo
Save
Mark Applied
Hide
Senior Application Security Engineer
New York or Los Angeles or San Francisco
$165k-$190k/yr HybridFull Time
Tatari
Tatari: A platform for buying and measuring TV advertising campaigns.
Production Python experience, significant hands-on application security experience, threat modeling, building security tooling/automation, familiarity with AWS and Kubernetes, and SAST/DAST/SCA/CI-CD integration.
Python, Java, Rust, AWS, Kubernetes, OWASP Top 10, API Security Top 10, ASVS, SPVS, AISVS, SAST, DAST, SCA, CI/CD
1mo
Save
Mark Applied
Hide
Application Security Engineer
San Francisco, California, United States
HybridFull Time
Opal Security
Opal Security: Provides intelligent identity governance and enterprise access management solutions.
4+ YOE4+ years in application security or software security engineering; writing production code; strong auth: OAuth 2.0, OIDC, SAML; experience with AWS and containers; Go/TypeScript; security tooling; incident response.
Go, TypeScript, React, PostgreSQL, Redis, GraphQL, AWS, Kubernetes, Docker
1mo
Save
Mark Applied
Hide
Senior Application Security Engineer - Moveworks
Mountain View, California, United States
OnsiteFull Time
ServiceNow
ServiceNowNYSE: NOW: Provides a cloud platform for automating enterprise digital workflows.
5+ YOE5+ years in application security, 3+ years penetration testing, experience with SAST/DAST, Snyk, GitHub Dependabot, Burp Suite, Python/Golang, cloud security (AWS/GCP/Azure), and AI/LLM security; BS or equivalent.
SAST, DAST, Snyk, GitHub Dependabot, Burp Suite, Python, Golang, AWS, GCP, Azure
2d
Save
Mark Applied
Hide
Application Security Engineer
San Francisco, California, United States
$145k-$180k/yr HybridFull Time
HeartFlow
HeartFlowNASDAQ: HTFL: Provides AI-driven non-invasive cardiac diagnostic software and analysis.
5+ YOE5+ years experience, ≥1 year in application security or security work in development; BS or equivalent/certifications; experience with secure SDLC, threat modeling, SAST/DAST/SCA, and vulnerability management.
C++, Python, Claude Code, GitHub Copilot, SAST, DAST, SCA, CI/CD, AWS, Terraform, Chef, Ansible, Docker, Kubernetes, GitHub Actions
2mo
Save
Mark Applied
Hide
Application Security Engineer
San Francisco or New York City or Seattle
OnsiteFull Time
Braintrust
Braintrust: Platform for evaluating and monitoring AI model performance.
5+ YOE5+ years in application security or backend engineering; strong skills in TypeScript/Node.js, Python, Go, or Rust; deep web/API vulnerability knowledge; experience building secure-by-default libraries; authn/authz design; multi-tenant data isolation; secrets management; VS real-time data platform familiarity.
TypeScript, Node.js, Python, Go, Rust, PostgreSQL, Redis, AWS
1w
Save
Mark Applied
Hide
Principal / Staff Application Security Engineer
Bengaluru or Palo Alto
$210k-$270k/yr HybridFull Time
AiDash
AiDash: Satellite-first AI platform for utility and infrastructure resilience
8+ YOE8+ years security engineering with AppSec depth; hands-on LLM/GenAI security and AWS cloud security; experience with SAST/DAST/SCA, IaC policy-as-code, SBOM tooling, and compliance (SOC 2/ISO).
Semgrep, CodeQL, Snyk, Veracode, OPA/Rego, Checkov, Kyverno, tfsec, Interlynk, Anchore, Dependency-Track, Promptfoo, Garak, DeepEval, Giskard, Nightfall, Lakera Guard, Cyberhaven, Harmonic Security, Protect AI, NVIDIA NeMo Guardrails, CrowdStrike, SentinelOne, Defender, AWS, Kubernetes, SAST, DAST, SCA, SBOM, AIBOM, CSPM, CNAPP, SLSA
2mo
Save
Mark Applied
Hide
Lead Application Security Engineer
San Francisco, California, United States
$225k-$400k/yr OnsiteFull Time
Ivo
Ivo: AI-powered contract review and intelligence platform for legal teams.
4+ YOE5+ years in application security; hands-on web pen testing; TypeScript/Node and Python; cloud security in GCP/Azure; manage pen tests; secure coding; strong communication.
SAST, DAST, SCA, IaC scanning, secrets detection, OWASP, Firebase Auth, WorkOS, SAML, OAuth, SSO, RBAC, Kubernetes security, cloud security
1mo
Save
Mark Applied
Hide
Senior Application Security Engineer
United States or Canada or San Francisco or New York City or Seattle
$190k-$273k/yr RemoteFull Time
Apollo.io
Apollo.io: AI-powered platform for B2B sales intelligence and outreach automation.
5+ YOE5+ years software engineering or application security experience; strong coding skills (Ruby, Python), Linux and GCP familiarity, deep AppSec/vulnerability management, pen-testing and SAST experience, AI security, and strong communication.
Ruby, Python, Linux, GCP, SAST
6d
Save
Mark Applied
Hide
Staff+ Application Security Engineer - M&A
San Francisco or Seattle or New York City
$320k-$485k/yr HybridFull Time
Anthropic
Anthropic: Developing safe and reliable artificial intelligence systems.
Hands-on application and infrastructure security experience, production-quality coding in Python/Go/Rust/TypeScript, threat-modeling, vulnerability ID, clear communication, and ability to assess unfamiliar codebases under time pressure.
Python, Go, Rust, TypeScript, Claude, SAST, DAST, LLMs, bug bounty
1mo
Save
Mark Applied
Hide
Staff Application Security Engineer
San Francisco or New York City or Pittsburgh
$228k-$290k/yr HybridFull Time
Abridge
Abridge: Automates medical documentation through AI-powered speech analysis
10+ YOE10+ years in application security, expertise in threat modeling, secure code review, vulnerability management, incident response, programming (Python, NextJS), cloud security (GCP), Kubernetes, and AI/ML security; strong communication and leadership skills.
Python, NextJS, GCP, Kubernetes
2mo
Save
Mark Applied
Hide
AI Application Security Engineer
San Francisco, California, United States
HybridFull Time
Brain Co.
Brain Co.: Builds AI software platforms for governments and large enterprises.
5+ YOE5+ years in application or product security; hands-on security tooling and coding; strong knowledge of application security fundamentals; experience with AI-enabled security.
Python, Go, TypeScript, SAST/DAST tooling
3w
Save
Mark Applied
Hide
Senior Application Security Engineer
San Jose, California, United States
$100k-$150k/yr HybridFull Time
Credo Semiconductor
Credo SemiconductorNASDAQ: CRDO: Designing high-speed semiconductor connectivity solutions for data infrastructure.
5+ YOE5+ years application/product security; 3+ years Secure SDLC leadership; expertise in secure coding, threat modeling, code review, vulnerability management; proficiency in C, C++, Python; DevSecOps and CI/CD automation.
C, C++, Python, GitHub, GitLab, CI/CD, SAST, DAST, SCA, Secrets Scanning, Container Security, PILOT, AWS, Azure, GCP, STRIDE, NIST SSDF, NIST CSF, CIS Controls, ISO 27001
3mo
Save
Mark Applied
Hide
Staff/Principal Application Security Engineer
San Francisco, California, United States
$240k-$330k/yr HybridFull Time
Binti
Binti: Software for government social services and child welfare agencies.
Proven experience in application security with leadership in security architecture and secure coding practices.
Ruby, Python, Java, OWASP, cloud computing, full-stack development
3w
Save
Mark Applied
Hide
Senior Application Security Engineer
Seattle or Los Angeles or San Francisco or California or Colorado or Connecticut or Delaware or Hawaii or Illinois or Maine or Maryland or Massachusetts or Minnesota or Nevada or New Jersey or New York or Rhode Island or Virginia or Washington or Washington DC or United States
$141k-$259k/yr OnsiteFull Time
Nordstrom
Nordstrom: Operates luxury department stores and off-price retail outlets.
4+ YOE4+ years in application security or related field; experience shipping security tooling and automation; expert threat modeling, security design review, and manual code review; fluent reading/writing code in Java, Kotlin, C#, or Python; cloud-native and LLM/AI security knowledge.
Java, Kotlin, C#, Python, SAST, SCA, DAST, secrets scanning, GitHub Advanced Security, JFrog Artifactory, AWS, GCP, Azure, Kubernetes, LLM
2d
Save
Mark Applied
Hide
Staff Application Security Engineer
Palo Alto, California, United States
$220k-$270k/yr HybridFull Time
Nclusion
Nclusion: Provides digital banking and payment infrastructure for unbanked populations.
10+ YOE10+ years in software or application security; strong programming in Go, Python, Java, TypeScript, or C++; experience with Kubernetes, Terraform, threat modeling, API security, IAM concepts, and secure CI/CD; pragmatic balance of developer productivity and risk.
Go, Python, Java, TypeScript, C++, Kubernetes, Terraform, SAST, DAST

Explore Jobs

Expand Your Job Search