20 appsec engineer jobs at 20 companies in Fairfield, CA

PromotedHiringCafe
Founding Backend / Infra Engineer
Cupertino, CA, US
$160k-$300k/yr On-SiteFull Time
HiringCafe
HiringCafe: Building a 100× better job search engine to take on Indeed and LinkedIn.
Own the crawlers, pipelines, and infrastructure powering a real-time job search engine. Strong Node.js and Python fundamentals; bonus points for security and reverse-engineering chops.
Node.js, Python, Elasticsearch, Redis
1mo
Save
Mark Applied
Hide
AppSec Engineer
Austin or Chicago or Denver or Los Angeles or San Diego or San Francisco or United States or Australia or New Zealand or Canada or United Kingdom or Philippines
$131k-$169k/yr HybridFull Time
Karbon
Karbon: Practice management software for accounting firms.
4+ YOE4+ years security/development experience embedding AppSec in SDLC, cloud (Azure/AWS/GCP), SAST/SCA/DAST configuration, CI/CD security, code review, Python/PowerShell/Bash, and strong communication skills.
Microsoft .NET/C#, JavaScript, React, EmberJS, Python, Azure, AWS, GCP, PowerShell, Bash, Claude Code, GitHub Co-Pilot, Portswigger Burp, SAST, SCA, DAST, GitHub Actions, Azure Devops, EDR, MDM
1w
Save
Mark Applied
Hide
Senior Security Engineer
Boston or Chicago or Los Angeles or New York or San Francisco or Toronto or Vancouver or Vancouver
$145k-$175k/yr RemoteFull Time
Later
Later: Provides software for social media scheduling and influencer marketing.
5+ YOE5+ years security engineering experience; strong application, cloud, and infrastructure security; SOC 2 and compliance experience; vulnerability management, IaC and CI/CD security; strong communication and software engineering skills.
OWASP, NIST, CIS Controls, SOC 2, ISO 27001, AWS Security Hub, Azure Security Center, GCP Security Command Center, SIEM, SOAR, Terraform, CloudFormation, C#, CI/CD
1mo
Save
Mark Applied
Hide
Security Engineer
New York City or San Francisco
$165k-$200k/yr OnsiteFull Time
Merge
Merge: Unified API platform for connecting B2B software integrations.
3+ YOE3+ years security engineering with product/application focus; familiarity with OWASP, threat modeling, secure code review, SAST/DAST/SCA and CI/CD integration; able to read/write code; SaaS/API experience.
OWASP, SAST, DAST, SCA, CI/CD
1mo
Save
Mark Applied
Hide
Staff/Senior Engineer, Security
San Francisco or Toronto or United States or Canada
$180k-$260k/yr HybridFull Time
EvenUp
EvenUp: AI-powered document generation and analysis for personal injury law.
5+ YOE5+ years in security-focused engineering with hands-on architecture, SAST/DAST and CI/CD integration, cloud and application security, experience securing AI systems, strong scripting (Python) and relevant cybersecurity certification.
SAST, DAST, CI/CD, OWASP, JFrog, Snyk, SASE, CASB, RASP, Python, Ruby, Node.js, DNS-SEC
2w
Save
Mark Applied
Hide
Staff Security Engineer, Proactive Security
United States or Canada or San Francisco
$194k-$285k/yr RemoteFull Time
DoorDash
DoorDashNASDAQ: DASH: On-demand delivery platform connecting consumers with local merchants.
10+ YOE10+ years product security engineering experience; expertise in auth/authz, OWASP top 10, secure microservices, code reviews; hands-on in at least one OO language (Java or Golang); technical leadership and stakeholder management skills.
Java, Golang, OWASP, CI/CD
1mo
Save
Mark Applied
Hide
Founding Sales Engineer
San Francisco, California, United States
HybridFull Time
Corridor
Corridor: Secures software codebases using AI-powered autonomous vulnerability detection.
5+ YOE5+ years in sales engineering or pre-sales, experience selling to security/AppSec or developer-tools buyers; strong technical demo/POV, and travel up to ~30%.
Git, CI/CD, IDEs, Code Review, Cursor, Claude Code, GitHub Copilot
1mo
Save
Mark Applied
Hide
AI Security & Control Engineer
London or San Francisco
£115k-£200k/yr OnsiteFull Time
Apollo Research
Apollo Research: Developing technical evaluations to detect and mitigate AI scheming risks.
5+ YOE5+ years hands-on security experience; threat modeling, red‑teaming, and attack design for software/AI systems; application/cloud/product security; able to read code, evaluate infra and controls, and produce clear security artifacts.
MITRE ATT&CK, SIEM, DLP, CSPM, CI/CD, Watcher, Claude Code, Cursor, Codex, AppSec
1mo
Save
Mark Applied
Hide
Senior Application Security Engineer
United States or Canada or San Francisco or New York City or Seattle
$190k-$273k/yr RemoteFull Time
Apollo.io
Apollo.io: AI-powered platform for B2B sales intelligence and outreach automation.
5+ YOE5+ years software engineering or application security experience; strong coding skills (Ruby, Python), Linux and GCP familiarity, deep AppSec/vulnerability management, pen-testing and SAST experience, AI security, and strong communication.
Ruby, Python, Linux, GCP, SAST
2mo
Save
Mark Applied
Hide
Senior Software Engineer, Security
San Francisco or Seattle
$165k-$230k/yr HybridFull Time
NexHealth
NexHealth: Connects patient experience software with electronic health records.
5+ YOE5+ years software engineering; 1–3+ years security; backend in Python/Go/Java; OAuth/JWT; AWS/Google Cloud; OWASP; SAST/DAST; RBAC; Bachelor's in CS/Engineering.
Python, Go, Java, OAuth 2.0, JWT, RBAC, OWASP, SAST, DAST, AWS, Google Cloud, CI/CD
2w
Save
Mark Applied
Hide
Security Engineer
Los Angeles or San Francisco
$145k-$185k/yr OnsiteFull Time
Vast.ai
Vast.ai: Decentralized marketplace for GPU cloud computing resources.
Bachelor's in CS/cybersecurity, strong programming (Python or C), deep Linux and containerization knowledge, offensive and defensive security experience, familiarity with SOC 2/NIST, and security testing tools.
Python, C, Linux, Burp Suite, OWASP, SIEM, WAF, EDR
3w
Save
Mark Applied
Hide
Staff SW Engineer
Foster City, California, United States
$146k-$234k/yr HybridFull Time
Visa
VisaNYSE: V: Global payment technology facilitating electronic funds transfers.
5+ YOE5+ years relevant experience with a Bachelor's (or alternate experience paths). Strong software development and scripting (Python, JavaScript/TypeScript, Java, Go, Bash, PowerShell), cloud, CI/CD, containerization, and cybersecurity experience; familiarity with AI-assisted development and vulnerability management.
Python, JavaScript, TypeScript, Java, Go, Bash, PowerShell, LLMs, GitHub Copilot, ChatGPT, Claude, Codex, Gemini, Cursor, Microsoft Copilot, Docker, Kubernetes, Terraform, Ansible, AWS, Azure, Google Cloud Platform, CI/CD, JIRA, SAST, DAST, SCA, Windows, Unix/Linux, OWASP, NIST, ISO 27001, PCI DSS, SOC 2, FFIEC, GLBA, CIS Benchmarks, RAG
1mo
Save
Mark Applied
Hide
Senior Software Engineer
San Francisco or Knoxville or New York City or Arizona or California or Colorado or Connecticut or Florida or Georgia or Illinois or Louisiana or Massachusetts or Minnesota or North Carolina or New Jersey or Nevada or New York or Ohio or Pennsylvania or South Carolina or Tennessee or Texas or Washington or Virginia or District of Columbia
$150k-$224k/yr RemoteFull Time
Verana Health
Verana Health: Curates real-world clinical data to accelerate medical research and insights.
5+ YOE5+ years backend development with Java and Spring Boot, experience with AWS, Docker, Kubernetes, CI/CD, TDD/JUnit, REST/microservices, observability (Datadog, CloudWatch, OpenTelemetry), mentoring skills, and experience with RDBMS, Elasticsearch and NoSQL.
Java, Spring Boot, AWS, GHA, Jenkins, Docker, Kubernetes, JUnit, TDD, REST, OAuth 2.0, OWASP, Elasticsearch, NoSQL, Datadog, CloudWatch, OpenTelemetry, React, WebSockets, Python, Kafka, SQS, CI/CD
2mo
Save
Mark Applied
Hide
Engineering Manager, Application Security
Austin or San Francisco or Concord
$210k-$240k/yr HybridFull Time
Qualia
Qualia: Cloud platform for digital real estate closing and settlement.
5+ YOE2+ Mgmt5+ years security or full-stack engineering; 2+ years managing security or platform team; hands-on AppSec; automation with AI/LLMs; fintech/real estate familiarity preferred.
JavaScript, NodeJS, Typescript, MongoDB, Kubernetes, AWS, SAST, DAST, SCA, AI tooling
3mo
Save
Mark Applied
Hide
Staff/Principal Application Security Engineer
San Francisco, California, United States
$240k-$330k/yr HybridFull Time
Binti
Binti: Software for government social services and child welfare agencies.
Proven experience in application security with leadership in security architecture and secure coding practices.
Ruby, Python, Java, OWASP, cloud computing, full-stack development
2mo
Save
Mark Applied
Hide
Lead Application Security Engineer
San Francisco, California, United States
$225k-$400k/yr OnsiteFull Time
Ivo
Ivo: AI-powered contract review and intelligence platform for legal teams.
4+ YOE5+ years in application security; hands-on web pen testing; TypeScript/Node and Python; cloud security in GCP/Azure; manage pen tests; secure coding; strong communication.
SAST, DAST, SCA, IaC scanning, secrets detection, OWASP, Firebase Auth, WorkOS, SAML, OAuth, SSO, RBAC, Kubernetes security, cloud security
1mo
Save
Mark Applied
Hide
Sr. Manager, Security Engineering
San Francisco, California, United States
$240k-$280k/yr RemoteFull Time
Material Security
Material Security: Protects sensitive data within cloud email and office platforms.
Proven IC-to-manager security engineering experience; deep technical fluency in Detection, AppSec, or InfraSec; strong operational discipline for on-call and incident response; ability to drive cross-functional security strategy.
2w
Save
Mark Applied
Hide
Tech Lead (DevSecOps)
Melbourne or Sydney or San Francisco or New York City
HybridFull Time
Blinq
Blinq: A platform for creating and sharing digital business cards.
Tech-lead level backend/security experience with Node.js/TypeScript, cloud (GCP), infrastructure-as-code (Pulumi/Terraform), Datadog and EDR, SAST/DAST and dependency scanning, IAM/OAuth/SSO, SOC 2/ISO 27001/GDPR exposure, and experience leading security and incident response.
Node.js, TypeScript, GCP, Cloudflare, Firebase, Pulumi, Terraform, Datadog, EDR, SAST, DAST, Snyk, Dependabot, Renovate, SIEM, Vanta, OWASP, OAuth, SSO, CI/CD, Iru
3mo
Save
Mark Applied
Hide
Product Security Engineer (PSIRT - Product Security Incident Response Team)
Foster City, California, United States
$180k-$325k/yr HybridFull Time
Replit
Replit: Cloud-based platform for building and hosting software applications.
Experience triaging and reproducing vulnerabilities; strong web/app/cloud security knowledge; familiarity with bug bounty programs and coordinated disclosure.
HackerOne, OWASP, GCP, CI/CD, SaaS
1mo
Save
Mark Applied
Hide
Enterprise Account Manager
Los Angeles or San Francisco or Seattle
$280k-$320k/yr RemoteFull Time
Checkmarx
Checkmarx: Provides enterprise-grade application security testing and risk management software.
3+ YOEProven enterprise SaaS sales track record (3+ years), pipeline generation, channel and account management experience, MEDDIC/Force Management practitioner, experience selling to CISO/AppSec/engineering buyers, and Salesforce/CRM proficiency.
Checkmarx One, Salesforce, CRM, MEDDIC, Force Management
3w
Save
Mark Applied
Hide
AI Security and Governance Lead
Washington or Los Angeles or Troy or New York or Houston or Chicago or Grand Rapids or Owings Mills or Baltimore or Columbia or Richmond or Memphis or Raleigh or Boston or San Jose or San Francisco or Austin or Kalamazoo or Spokane or Denver or Fort Worth or Atlanta or Orlando or Dallas or Wilmington or Phoenix or San Antonio or Milwaukee or Madison or McLean or Huntsville or Melville or Woodbridge or Stamford or Miami or Philadelphia or Charlotte or Greenville or West Palm Beach or Costa Mesa or St. Louis or Fort Lauderdale or Seattle or Rosemont or Pittsburgh or Tulsa or Cincinnati or Cleveland or Columbus or Akron or Cherry Hill or Tampa or Minneapolis or Anchorage or Salt Lake City or Norfolk or Jacksonville or Boulder or Nashville or Oak Brook or Las Vegas or Indianapolis or San Diego or Potomac or Walnut Creek or Daphne or Baton Rouge or Metairie or Grenada or Hattiesburg or Brentwood or Jackson or Miramar Beach or Tallahassee or Mobile
$151k-$193k/yr OnsiteFull Time
BDO USA
BDO USA: Provides accounting, tax, and business advisory services to organizations.
7+ YOEBachelor's in CS/IT/Cyber/Data Science required, 7+ years in enterprise architecture/security/governance or AI engineering, experience with Microsoft Azure AI platforms, AI risk assessments and governance frameworks, and leadership/mentoring experience.
Microsoft Azure, Azure AI, Azure OpenAI, Azure AI Foundry, LangChain, Semantic Kernal, NIST AI RMF, ISO 42001, ISO 27001, OWASP, SANS