Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Lead Application Security Engineer

$140k - $180k
Full-time

Zeta Global

Role Description

We’re seeking a Lead Application Security Engineer to help advance Zeta Global’s application and platform security posture through AI-native security practices, intelligent automation, and scalable security engineering. You’ll play a critical role in embedding security throughout the software development lifecycle by using AI-driven tools, automated controls, and data-informed risk prioritization to ensure our systems, applications, and AI-powered platforms are built securely from the ground up.

Zeta operates at massive scale, powering billions of consumer profiles and petabytes of data across real-time, AI-powered marketing platforms. In this role, you’ll collaborate with Engineering, Product, QA, DevOps, and AI platform teams to identify risks, design secure-by-default patterns, and build automated security capabilities that enable secure innovation at speed.

This position offers significant technical scope, cross-functional visibility, and the opportunity to directly influence the company’s security maturity through AI-enabled threat modeling, automated validation, intelligent vulnerability management, and proactive defense.

Key Responsibilities

  • AI-Driven Threat Modeling & Security Validation
    • Use AI-assisted threat modeling capabilities to identify application, platform, API, cloud, data, and AI/ML security risks early in the design and development process.
    • Leverage automated security review tools to evaluate architecture, design documents, code changes, APIs, and data flows for security gaps and control weaknesses.
    • Drive AI-assisted code security reviews using SAST, DAST, SCA, secrets detection, IaC scanning, container scanning, and contextual risk analysis.
    • Use automation and intelligent correlation to assess third-party libraries, APIs, vendor integrations, and open-source dependencies for security, compliance, and supply-chain risk.
    • Support AI-enabled red team, blue team, and incident response simulations to validate detection, prevention, and response capabilities.
  • Embedding AI-Native Security into the SDLC
    • Partner with developers and QA engineers to embed AI-driven security testing and automated risk detection into CI/CD pipelines.
    • Build and improve security automation that provides real-time feedback to developers during design, coding, testing, release, and deployment.
    • Use AI-assisted analysis to review architecture and design artifacts, identify risks earlier, and recommend secure implementation patterns.
    • Contribute to intelligent security checkpoints that reduce manual review effort while improving consistency, traceability, and developer velocity.
    • Help design scalable guardrails, reusable security controls, and policy-as-code capabilities across application and platform teams.
  • Emerging Threat Monitoring & Proactive Defense
    • Monitor evolving application, cloud, API, AI/ML, and data security risks using AI-assisted threat intelligence, vulnerability intelligence, and attack-pattern analysis.
    • Identify and evaluate AI-specific threats such as prompt injection, data poisoning, model abuse, model leakage, insecure tool use, and sensitive data exposure.
    • Assist in designing and deploying proactive defense mechanisms across applications, APIs, data platforms, and AI-powered systems.
    • Use automated signals, telemetry, and risk scoring to support investigations, post-incident analysis, and continuous improvement of prevention and detection capabilities.
    • Translate recurring vulnerabilities and incidents into feedback loops that improve threat models, secure design patterns, and SDLC controls.
  • Security Awareness, Standards & Scalable Enablement
    • Promote secure coding and secure design practices through AI-assisted guidance, reusable playbooks, automated recommendations, and developer-friendly documentation.
    • Contribute to internal security standards, secure engineering patterns, and AI-native security playbooks.
    • Help teams adopt security self-service capabilities that reduce dependency on manual AppSec review.
    • Collaborate closely with Engineering, DevOps, QA, Product, and AI platform teams to foster a security-first and automation-first culture.
    • Use metrics and insights to measure control effectiveness, remediation trends, developer adoption, and overall security maturity.

Qualifications

  • Bachelor’s degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
  • 5+ years of experience in Application Security, DevSecOps, Secure Software Development, or Security Engineering.
  • Strong understanding of OWASP Top 10, SANS CWE Top 25, secure design principles, and application threat modeling.
  • Familiarity with AI/ML security concepts such as prompt injection, data poisoning, adversarial testing, model integrity, model abuse, and AI supply-chain risks.
  • Experience building or integrating AI-assisted security workflows, security bots, automated triage systems, or risk scoring models.
  • Experience using AI-assisted or automation-driven approaches to improve security testing, vulnerability analysis, code review, or risk prioritization.
  • Experience with modern application frameworks and architectures such as React, Node.js, Django, FastAPI, or similar technologies.
  • Knowledge of securing APIs, microservices, authentication, and authorization mechanisms such as OAuth2, OIDC, JWT, and service-to-service authentication.
  • Experience with cloud platforms such as AWS, GCP, or Azure, and containerized environments such as Docker and Kubernetes.
  • Working knowledge of security testing and automation tools such as Semgrep, SonarQube, Burp Suite, OWASP ZAP, Trivy, Snyk, GitHub Advanced Security, or similar tools.
  • Ability to analyze security findings, correlate risk context, and drive practical remediation guidance for engineering teams.
  • Strong collaboration and communication skills with the ability to work across Engineering, Product, QA, DevOps, and Security teams.

Nice to Have

  • Experience with policy-as-code, infrastructure-as-code security, CI/CD security controls, and automated governance.
  • Experience with automation frameworks and scripting for security testing, vulnerability validation, and remediation workflows.
  • Relevant certifications such as OSCP, GWAPT, CSSLP, cloud security certifications, or AI/ML-specific security certifications.

Benefits

  • Unlimited PTO
  • Excellent medical, dental, and vision coverage
  • Employee Equity
  • Employee Discounts, Virtual Wellness Classes, and Pet Insurance
  • And more!!

Salary Range

The salary range for this role is $140,000 - $180,000, depending on location and experience.

People & Culture at Zeta

Zeta considers applicants for employment without regard to, and does not discriminate on the basis of an individual’s sex, race, color, religion, age, disability, status as a veteran, or national or ethnic origin; nor does Zeta discriminate on the basis of sexual orientation, gender identity or expression.

We’re committed to building a workplace culture of trust and belonging, so everyone feels invited to bring their whole selves to work. We provide a forum for employees to celebrate, support and advocate for one another.

Vacancy posted 2 days ago
Similar jobs that could be interesting for youBased on the Lead Application Security Engineer in Remote vacancy
  • $97.1k - $161.8k

     ...capturing and refining information security requirements and ensures...  ...the areas of secure coding, application authentication, encryption, and...  .... ~Develop and implement engineering’s technical security policies...  ...the development process. ~Lead training sessions for technology... 
    Suggested
    Full time
    Work experience placement
    Worldwide

    M&T Bank

    Remote
    4 days ago
  • Role Description As a Senior Application Security Engineer, you’ll help shape the future of our AppSec program. You’ll work effectively and efficiently...  ...~Partner with product, platform, and engineering leads to drive security initiatives ~Lead outcome-focused design... 
    Suggested
    Full time
    Flexible hours

    Barracuda Networks Inc.

    Remote
    3 days ago
  • $100k - $140k

    Role Description Zocdoc’s most important asset is our people. As an Application Security Engineer, you’ll play a meaningful role in helping our development organization build secure software with confidence. In this role, you’ll work closely with our Compliance, Security... 
    Suggested
    Full time
    Flexible hours

    Zocdoc

    Remote
    4 days ago
  • $180k - $205.5k

    Role Description Spring Health is looking for a Senior Application Security Engineer II to join our growing Application Security team. Reporting to...  ...distributed, or service-oriented systems. ~Experience leading or contributing to the development of a formal threat modeling... 
    Suggested
    Full time
    Work experience placement
    Remote work
    Sleeping nights

    Spring Health

    Remote
    2 days ago
  • $120k - $145k

    Role Description Parallels is seeking a highly motivated and talented Application Security Engineer to join our team. In this role, you will make security decisions that impact millions of our customers while gaining hands-on experience in exploit development and CVE discovery... 
    Suggested
    Full time
    Remote work

    Parallels Inc

    Remote
    6 days ago
  • $180k - $200k

     ...Description Here at Virtru you'll join an innovative product security team that is helping secure some of the world's most...  ...core, functions in a wide range of threat models. As an application security engineer you will help our engineering teams maintain and develop... 
    Full time
    Flexible hours

    Virtru

    Remote
    2 days ago
  • Role Description The primary responsibility of the Senior Application Security Engineer (AI-First Development) is to design, orchestrate, and validate the offensive security tooling and adversary-emulation capabilities used to find, prove, and help remediate exploitable... 
    Full time
    Flexible hours

    Las Vegas Sands Corp.

    Remote
    5 days ago
  • $175k - $215k

    Role Description We're looking for an Application Security Engineer to help build secure-by-default products and services across Quanata's AI-native...  ...security into application design and development ~Lead threat modeling exercises and identify practical security... 
    Extra income
    Full time
    Home office
    Shift work

    Quanata

    Remote
    6 days ago
  • $190k - $273k

    Role Description The Senior Application Security Engineer II is a senior individual contributor responsible for strengthening Apollo’s secure software...  ...benefits. Company Description Apollo.io is the leading go-to-market solution for revenue teams, trusted by over 5... 
    Full time
    Flexible hours

    Apollo.io

    Remote
    2 days ago
  • $157k - $216k

     ...investing in the next generation of our Application Security capability, a continuous, AI-augmented...  ...defense program built for a SaaS engineering organization where AI agents and human...  ...hire with a clear path to Staff / Tech Lead as the team grows. Qualifications... 
    Full time
    Remote work

    AlphaSense

    Remote
    3 days ago
  • $120k - $258.5k

    Role Description Nordstrom is building a new Application Security team, built on a simple idea: teams shouldn’t have to choose between moving...  ...of Application Security and partner closely with product engineering and DevOps, alongside our security peers in pentest, attack... 
    Full time

    Nordstrom

    Remote
    7 days ago
  • $156.9k - $229.7k

    Role Description As a Senior Application Security Engineer, you will be a core technical advisor for securing GFiber’s applications and development...  ...writing secure code the path of least resistance. ~Lead initiatives ranging from managing threat detection boundaries... 
    Full time

    GFiber

    Remote
    4 days ago
  • $155k - $175k

    Role Description The Senior Application Security Engineer is a hands-on technical leader responsible for securing Lumin Digital’s B2B2C SaaS platform...  ..., automate remediation, and scale security coverage. ~Leads the effort to secure AI-integrated applications, harden CI... 
    Full time
    Remote work
    Flexible hours

    Lumin Digital

    Remote
    1 day ago
  • $192k - $240k

    Role Description As a Senior Application Security Engineer, you will focus on finding and responding to security vulnerabilities across the Brex platform. In this role, you will: ~Perform code reviews, design reviews, penetration testing, and vulnerability management.... 
    Full time
    Work experience placement

    Brex

    Remote
    2 days ago
  • Role Description The Application Security Engineer plays a crucial role in securing our growing portfolio of applications. This role will focus on...  ...extensive network of over 60 offices around the world, we lead by offering innovative solutions that are at the forefront... 
    Full time

    H.W. Kaufman Group

    Remote
    5 days ago
  • $125.6k - $172.7k

    Role Description As an Application Security Engineer at Solventum, you will: ~Join a team of cybersecurity professionals motivated to secure Solventum's healthcare information systems and the personal health information of our clients and their patients. ~Operate and... 
    Full time
    Flexible hours

    SOLVENTUM

    Remote
    4 days ago
  • Role Description As an Application Security Engineer at Oneleet, you'll bring security depth to our product engineering teams as we expand our cybersecurity platform. You'll own the security judgment layer that sits between raw tooling output and what our customers actually... 
    Full time
    Remote work

    Oneleet

    Remote
    6 days ago
  • $100k - $150k

    Role Description We are looking for an Application Security Engineer to embed security throughout the software development lifecycle, partnering with...  ...secure patterns the default for engineering teams. ~Lead red-team and purple-team exercises against internal applications... 
    Full time
    Local area
    Immediate start

    Bright Vision Technologies

    Remote
    17 hours ago
  • $135.9k - $203.9k

     ...Startups to global organizations, build secure, high-quality software faster and...  ...position will implement our industry-leading Application Security products and solutions within...  ...will work alongside our sales, sales engineering, customer success managers, product development... 
    Full time
    Remote work
    Work from home

    Black Duck Software, Inc.

    Remote
    2 days ago
  • Role Description GuidePoint Security offers an inclusive set of Application Security services helping clients implement, fine tune and run their Application Security SAST, DAST and SCA tools. Many clients need assistance with either supplementing their Application Security... 
    Full time
    Remote work
    Flexible hours

    GuidePoint Security

    Remote
    7 days ago
  • $130k - $160k

     ...and millions of patient encounters. Security is not a layer we add at the end; it...  ...built into how we work. As a Senior Application Security Engineer, you will own the application security...  .... ~Threat Modeling & Assessment: Lead threat modeling exercises for new features... 
    Full time

    Fabric

    Remote
    5 days ago
  • $111k - $144.4k

    Role Description The Sr. Application Security Engineer is responsible for validating that application services are designed and implemented with high...  ...reduce the introduction of program design flaws that may lead to exploitation. As issues are uncovered, the... 
    Full time
    Temporary work
    Work experience placement

    CubiCasa

    Remote
    1 day ago
  • $180k - $215k

    Role Description Monarch is seeking a Senior Application Security Engineer to join our Security Engineering team during a period of rapid growth. Reporting to the Head of Engineering Infrastructure, you will be a hands-on practitioner embedded across our product and engineering... 
    Full time
    Work at office
    Remote work
    Weekend work

    Monarch Money

    Remote
    8 days ago
  • $180k - $210k

    Role Description We're hiring a Senior Application Security Engineer to join a small, high-leverage AppSec team. This is a deep-technical IC role...  ...and adversarial review of new designs before they ship. ~Lead threat modeling and secure design review for the highest-... 
    Full time
    Flexible hours

    Qualia

    Remote
    7 days ago
  • Role Description Our team is growing and we're hiring a Senior Application Security Engineer to join our engineering team and enable our next phase of growth. Canary's engineering team is fully remote! This role focuses on embedding security into the software development... 
    Full time
    Remote work

    Canary Technologies Corp

    Remote
    1 day ago
  • $177k - $225k

    Role Description Are you passionate about securing global-scale ecommerce services and applications that power millions of customers across over a hundred...  ...looking for a hands-on Principal Product Security Engineer to lead our Secure Development Lifecycle assurance... 
    Full time
    Remote work

    iHerb, LLC

    Remote
    7 days ago
  •  ...position will be a key contributor to DevSecOps and overall application security initiatives in Ellucian. ~Analyze the security of...  ...training for product owners, business analysts, test engineers and developers. ~Lead ongoing process and policy improvement efforts. ~... 
    Full time
    Flexible hours

    Ellucian

    Remote
    8 days ago
  • $114k - $240k

     ...Description As a senior individual contributor on the Application Security team, the Staff Application Security Engineer will help to define and drive Reltio’s...  ...and uplevel other security and engineering staff, lead complex threat modeling and architecture reviews,... 
    Full time
    Shift work

    Reltio

    Remote
    3 days ago
  •  ...00+ team across 12 regions and 9 time zones. The Role The Application Security Engineer exists to embed security throughout the software development...  ...and architecture phases of new features and products. Lead and support bug bounty and responsible disclosure programmes... 
    Work at office
    Remote work
    Flexible hours

    Pepperstone

    Granby, CT
    2 days ago
  •  ...public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a...  ...more. Who we’re looking for: We are seeking an Application Security Engineer with expertise in Static and Dynamic Application Security... 
    Contract work
    Remote work

    GrabJobs

    San Francisco, CA
    5 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Lead Application Security Engineer. Be the first to apply!