27 appsec engineer jobs at 26 companies in Berkeley, CA

PromotedHiringCafe
Founding Backend / Infra Engineer
Cupertino, CA, US
$160k-$300k/yr On-SiteFull Time
HiringCafe
HiringCafe: Building a 100× better job search engine to take on Indeed and LinkedIn.
Own the crawlers, pipelines, and infrastructure powering a real-time job search engine. Strong Node.js and Python fundamentals; bonus points for security and reverse-engineering chops.
Node.js, Python, Elasticsearch, Redis
1mo
Save
Mark Applied
Hide
AppSec Engineer
Austin or Chicago or Denver or Los Angeles or San Diego or San Francisco or United States or Australia or New Zealand or Canada or United Kingdom or Philippines
$131k-$169k/yr HybridFull Time
Karbon
Karbon: Practice management software for accounting firms.
4+ YOE4+ years security/development experience embedding AppSec in SDLC, cloud (Azure/AWS/GCP), SAST/SCA/DAST configuration, CI/CD security, code review, Python/PowerShell/Bash, and strong communication skills.
Microsoft .NET/C#, JavaScript, React, EmberJS, Python, Azure, AWS, GCP, PowerShell, Bash, Claude Code, GitHub Co-Pilot, Portswigger Burp, SAST, SCA, DAST, GitHub Actions, Azure Devops, EDR, MDM
1mo
Save
Mark Applied
Hide
Senior Security Engineer - AppSec
Santa Clara, California, United States
$186k-$279k/yr OnsiteFull Time
Pure Storage
Pure StorageNYSE: PSTG: Provides all-flash enterprise data storage and management solutions.
Senior AppSec engineer with CI/CD security integration, automation, and collaboration across product and DevOps teams.
1w
Save
Mark Applied
Hide
Principal / Staff Application Security Engineer
Bengaluru or Palo Alto
$210k-$270k/yr HybridFull Time
AiDash
AiDash: Satellite-first AI platform for utility and infrastructure resilience
8+ YOE8+ years security engineering with AppSec depth; hands-on LLM/GenAI security and AWS cloud security; experience with SAST/DAST/SCA, IaC policy-as-code, SBOM tooling, and compliance (SOC 2/ISO).
Semgrep, CodeQL, Snyk, Veracode, OPA/Rego, Checkov, Kyverno, tfsec, Interlynk, Anchore, Dependency-Track, Promptfoo, Garak, DeepEval, Giskard, Nightfall, Lakera Guard, Cyberhaven, Harmonic Security, Protect AI, NVIDIA NeMo Guardrails, CrowdStrike, SentinelOne, Defender, AWS, Kubernetes, SAST, DAST, SCA, SBOM, AIBOM, CSPM, CNAPP, SLSA
1w
Save
Mark Applied
Hide
Senior Security Engineer
Boston or Chicago or Los Angeles or New York or San Francisco or Toronto or Vancouver or Vancouver
$145k-$175k/yr RemoteFull Time
Later
Later: Provides software for social media scheduling and influencer marketing.
5+ YOE5+ years security engineering experience; strong application, cloud, and infrastructure security; SOC 2 and compliance experience; vulnerability management, IaC and CI/CD security; strong communication and software engineering skills.
OWASP, NIST, CIS Controls, SOC 2, ISO 27001, AWS Security Hub, Azure Security Center, GCP Security Command Center, SIEM, SOAR, Terraform, CloudFormation, C#, CI/CD
4w
Save
Mark Applied
Hide
Security Engineer
New York City or San Francisco
$165k-$200k/yr OnsiteFull Time
Merge
Merge: Unified API platform for connecting B2B software integrations.
3+ YOE3+ years security engineering with product/application focus; familiarity with OWASP, threat modeling, secure code review, SAST/DAST/SCA and CI/CD integration; able to read/write code; SaaS/API experience.
OWASP, SAST, DAST, SCA, CI/CD
1mo
Save
Mark Applied
Hide
Staff/Senior Engineer, Security
San Francisco or Toronto or United States or Canada
$180k-$260k/yr HybridFull Time
EvenUp
EvenUp: AI-powered document generation and analysis for personal injury law.
5+ YOE5+ years in security-focused engineering with hands-on architecture, SAST/DAST and CI/CD integration, cloud and application security, experience securing AI systems, strong scripting (Python) and relevant cybersecurity certification.
SAST, DAST, CI/CD, OWASP, JFrog, Snyk, SASE, CASB, RASP, Python, Ruby, Node.js, DNS-SEC
2w
Save
Mark Applied
Hide
Staff Security Engineer, Proactive Security
United States or Canada or San Francisco
$194k-$285k/yr RemoteFull Time
DoorDash
DoorDashNASDAQ: DASH: On-demand delivery platform connecting consumers with local merchants.
10+ YOE10+ years product security engineering experience; expertise in auth/authz, OWASP top 10, secure microservices, code reviews; hands-on in at least one OO language (Java or Golang); technical leadership and stakeholder management skills.
Java, Golang, OWASP, CI/CD
1mo
Save
Mark Applied
Hide
Founding Sales Engineer
San Francisco, California, United States
HybridFull Time
Corridor
Corridor: Secures software codebases using AI-powered autonomous vulnerability detection.
5+ YOE5+ years in sales engineering or pre-sales, experience selling to security/AppSec or developer-tools buyers; strong technical demo/POV, and travel up to ~30%.
Git, CI/CD, IDEs, Code Review, Cursor, Claude Code, GitHub Copilot
3mo
Save
Mark Applied
Hide
Sr Staff Engineer - AI Security
Seattle or Palo Alto or Dallas or Bethesda
$120k-$260k/yr HybridFull Time
GEICO
GEICO: Provides vehicle and property insurance services to consumers.
10+ YOE10+ years in security design and AI security for applications; cloud security, threat modeling; AWS/GCP/Azure; SCA/DAST/SAST tools; bachelor’s in CS or related; certifications desired.
AWS, GCP, Azure, SCA, DAST, SAST, Encryption, OpenID Connect, OAuth, SAML, RADIUS, LDAP, KERBEROS, OWASP, NIST, PCI-DSS, DevOps/SecDevOps
4w
Save
Mark Applied
Hide
AI Security & Control Engineer
London or San Francisco
£115k-£200k/yr OnsiteFull Time
Apollo Research
Apollo Research: Developing technical evaluations to detect and mitigate AI scheming risks.
5+ YOE5+ years hands-on security experience; threat modeling, red‑teaming, and attack design for software/AI systems; application/cloud/product security; able to read code, evaluate infra and controls, and produce clear security artifacts.
MITRE ATT&CK, SIEM, DLP, CSPM, CI/CD, Watcher, Claude Code, Cursor, Codex, AppSec
1mo
Save
Mark Applied
Hide
Senior Application Security Engineer
United States or Canada or San Francisco or New York City or Seattle
$190k-$273k/yr RemoteFull Time
Apollo.io
Apollo.io: AI-powered platform for B2B sales intelligence and outreach automation.
5+ YOE5+ years software engineering or application security experience; strong coding skills (Ruby, Python), Linux and GCP familiarity, deep AppSec/vulnerability management, pen-testing and SAST experience, AI security, and strong communication.
Ruby, Python, Linux, GCP, SAST
1w
Save
Mark Applied
Hide
Senior Privacy Engineer (RED team) - TikTok PDPO
San Jose, California, United States
$213k-$388k/yr OnsiteFull Time
TikTok
TikTok: Global short-form video hosting and social media platform.
Hands-on offensive security/red teaming experience, strong appsec and privacy engineering knowledge, ability to threat-model privacy concepts and lead end-to-end technical assessments, strong communication skills.
MITRE ATT&CK
2d
Save
Mark Applied
Hide
Security Engineer, Level 5
Los Angeles or Palo Alto or Bellevue or Santa Monica
$178k-$313k/yr OnsiteFull Time
Snap
SnapNYSE: SNAP: Develops social media applications and augmented reality technology.
6+ YOE6+ years security experience post-Bachelor's, expertise in infrastructure/enterprise/access/appsec/detection or abuse domains; experience with cloud, Kubernetes, IAM, CSPM, AI tools, threat modeling, and securing distributed systems.
Kubernetes, IAM, CSPM, AI tools, AI/ML
2mo
Save
Mark Applied
Hide
Senior Software Engineer, Security
San Francisco or Seattle
$165k-$230k/yr HybridFull Time
NexHealth
NexHealth: Connects patient experience software with electronic health records.
5+ YOE5+ years software engineering; 1–3+ years security; backend in Python/Go/Java; OAuth/JWT; AWS/Google Cloud; OWASP; SAST/DAST; RBAC; Bachelor's in CS/Engineering.
Python, Go, Java, OAuth 2.0, JWT, RBAC, OWASP, SAST, DAST, AWS, Google Cloud, CI/CD
2w
Save
Mark Applied
Hide
Security Engineer
Los Angeles or San Francisco
$145k-$185k/yr OnsiteFull Time
Vast.ai
Vast.ai: Decentralized marketplace for GPU cloud computing resources.
Bachelor's in CS/cybersecurity, strong programming (Python or C), deep Linux and containerization knowledge, offensive and defensive security experience, familiarity with SOC 2/NIST, and security testing tools.
Python, C, Linux, Burp Suite, OWASP, SIEM, WAF, EDR
3w
Save
Mark Applied
Hide
Staff SW Engineer
Foster City, California, United States
$146k-$234k/yr HybridFull Time
Visa
VisaNYSE: V: Global payment technology facilitating electronic funds transfers.
5+ YOE5+ years relevant experience with a Bachelor's (or alternate experience paths). Strong software development and scripting (Python, JavaScript/TypeScript, Java, Go, Bash, PowerShell), cloud, CI/CD, containerization, and cybersecurity experience; familiarity with AI-assisted development and vulnerability management.
Python, JavaScript, TypeScript, Java, Go, Bash, PowerShell, LLMs, GitHub Copilot, ChatGPT, Claude, Codex, Gemini, Cursor, Microsoft Copilot, Docker, Kubernetes, Terraform, Ansible, AWS, Azure, Google Cloud Platform, CI/CD, JIRA, SAST, DAST, SCA, Windows, Unix/Linux, OWASP, NIST, ISO 27001, PCI DSS, SOC 2, FFIEC, GLBA, CIS Benchmarks, RAG
1mo
Save
Mark Applied
Hide
Senior Software Engineer
San Francisco or Knoxville or New York City or Arizona or California or Colorado or Connecticut or Florida or Georgia or Illinois or Louisiana or Massachusetts or Minnesota or North Carolina or New Jersey or Nevada or New York or Ohio or Pennsylvania or South Carolina or Tennessee or Texas or Washington or Virginia or District of Columbia
$150k-$224k/yr RemoteFull Time
Verana Health
Verana Health: Curates real-world clinical data to accelerate medical research and insights.
5+ YOE5+ years backend development with Java and Spring Boot, experience with AWS, Docker, Kubernetes, CI/CD, TDD/JUnit, REST/microservices, observability (Datadog, CloudWatch, OpenTelemetry), mentoring skills, and experience with RDBMS, Elasticsearch and NoSQL.
Java, Spring Boot, AWS, GHA, Jenkins, Docker, Kubernetes, JUnit, TDD, REST, OAuth 2.0, OWASP, Elasticsearch, NoSQL, Datadog, CloudWatch, OpenTelemetry, React, WebSockets, Python, Kafka, SQS, CI/CD
2mo
Save
Mark Applied
Hide
Engineering Manager, Application Security
Austin or San Francisco or Concord
$210k-$240k/yr HybridFull Time
Qualia
Qualia: Cloud platform for digital real estate closing and settlement.
5+ YOE2+ Mgmt5+ years security or full-stack engineering; 2+ years managing security or platform team; hands-on AppSec; automation with AI/LLMs; fintech/real estate familiarity preferred.
JavaScript, NodeJS, Typescript, MongoDB, Kubernetes, AWS, SAST, DAST, SCA, AI tooling
3mo
Save
Mark Applied
Hide
Staff/Principal Application Security Engineer
San Francisco, California, United States
$240k-$330k/yr HybridFull Time
Binti
Binti: Software for government social services and child welfare agencies.
Proven experience in application security with leadership in security architecture and secure coding practices.
Ruby, Python, Java, OWASP, cloud computing, full-stack development
2mo
Save
Mark Applied
Hide
Lead Application Security Engineer
San Francisco, California, United States
$225k-$400k/yr OnsiteFull Time
Ivo
Ivo: AI-powered contract review and intelligence platform for legal teams.
4+ YOE5+ years in application security; hands-on web pen testing; TypeScript/Node and Python; cloud security in GCP/Azure; manage pen tests; secure coding; strong communication.
SAST, DAST, SCA, IaC scanning, secrets detection, OWASP, Firebase Auth, WorkOS, SAML, OAuth, SSO, RBAC, Kubernetes security, cloud security