Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Staff Application Security Engineer

$185k - $260k

Bitwise Asset Management

It’s rare that a new asset class is born. Nevertheless, we’re witnessing exactly that with the rise of crypto. Over just the last few years, since Bitwise was founded, crypto has evolved from an embryonic $50B market to a growing $3T+ juggernaut. This is an exciting moment for Bitwise as a firm. For eight years, we have established a track record of excellence managing a broad suite of index and active solutions across ETFs, separately managed accounts, private funds, institutional staking, and hedge fund strategies. This year, we crossed $15B in client assets and are growing quickly. Thousands of financial advisors, family offices, and institutional investors partner with Bitwise to understand and access the opportunities in crypto. We are known for providing unparalleled client support through expert research and commentary, a nationwide client team of crypto specialists, and deep access to the crypto ecosystem. Currently, Bitwise is a close-knit team of 100+ global professionals. Think of us as a mix of an asset manager and a tech start‑up. We’re backed by some of the most accomplished investors in venture capital and veterans of the financial services world. We love working together, we love what we do, and we’re excited about what’s ahead. About The Role Our engineering organization is growing, and with that growth comes an expanding application and infrastructure footprint that requires dedicated application security ownership. This role exists to build that function from the ground up. As our first dedicated Staff Application Security Engineer, you will own the design and implementation of our application security program, from SAST and DAST tooling to secure SDLC practices, threat modeling, dependency security, and penetration testing coordination. You will work directly with engineering teams across a cloud‑based environment securing both customer‑facing products and internal systems. You will be reporting directly to the Head of Security and will have the autonomy and organizational support to build an application security program that is practical, scalable, and aligned to the risk profile of a company operating in the digital asset space. Primary Responsibilities Static & Dynamic Application Security Testing (SAST / DAST) Own the full implementation of SAST tooling across all codebases and CI/CD pipelines Own the full implementation of DAST tooling across all customer‑facing and internal applications Establish baseline findings, prioritize remediation, and work directly with engineering to resolve issues Maintain and tune tooling over time as the codebase and attack surface evolve Secure SDLC & Code Integrity Define and enforce a secure software development lifecycle across engineering teams Establish secure release processes including code signing and build integrity verification Develop and maintain security standards, guidelines, and secure coding practices Integrate security checkpoints throughout the development pipeline without creating unnecessary friction for engineering Threat Modeling Lead threat modeling exercises for new infrastructure designs, features, and system changes Ensure all customer‑facing and internal applications are fully documented and threat modeled Maintain a living inventory of the company’s attack surface and ensure it reflects current architecture Apply blockchain‑specific threat modeling to smart contracts, bridge infrastructure, and custody‑adjacent systems, including multi‑sig signing flows and on‑chain/off‑chain trust boundaries Dependency & Supply Chain Security Implement and manage dependency scanning across all projects Enforce version pinning policies to reduce exposure from uncontrolled dependency updates Deploy and manage supply chain security tooling (e.g., Socket.dev or equivalent) to monitor for malicious or compromised dependencies Establish a process for ongoing dependency review and remediation Penetration Testing Define and maintain a penetration testing program covering all surface areas — applications, APIs, internal tooling, and infrastructure Scope, schedule, and manage third‑party penetration testing engagements Track findings through to remediation and validate fixes Secrets Management Design and implement a secrets management program across cloud infrastructure and engineering workflows Eliminate hardcoded credentials and secrets from codebases Establish policies and tooling for secrets rotation, access control, and audit logging Fuzzing & Attack Surface Coverage Implement fuzz testing across applicable components, particularly APIs and input‑handling logic Ensure coverage gaps in the attack surface are identified, documented, and addressed systematically Role Requirements 7+ years of experience in application security or a closely related discipline Demonstrated experience building or significantly maturing an application security program Deep hands‑on experience with SAST and DAST tooling implementation and management Strong knowledge of secure SDLC practices and CI/CD pipeline security integration Experience with dependency scanning and software supply chain security Proficiency in threat modeling methodologies (STRIDE, PASTA, or equivalent) Experience managing or coordinating third‑party penetration testing engagements Solid understanding of secrets management solutions (e.g., HashiCorp Vault, AWS Secrets Manager, or equivalent) Strong written and verbal communication skills — able to document findings and present risk clearly to both technical and non‑technical audiences Demonstrated experience securing blockchain‑connected systems, including smart contract security review, multi‑sig wallet architectures, and cross‑chain bridge protocols Working familiarity with common DeFi attack surfaces What We Offer Compensation: $185,000 to $260,000 + Equity Equity compensation as a component of all offers Health insurance, including dental and vision plans Health, Dependent Care and Commuter Flexible Spending Accounts Paid Parental Leave Life insurance; short‑and long‑term disability plans Company‑funded 401(k) plan, no matching required Unlimited PTO 10 paid company‑wide holidays Company‑wide winter break for most roles Office spaces in San Francisco, New York, and London Meals and snacks provided in office Paid company cell phone or stipend Bitwise “Buddy” Program (30‑day new‑hire success program) Annual anniversary gifts Company‑wide events including annual holiday party Internal Women of Bitwise (WOB) group with fun events Our Values Create “a ha” moments Move fast, with informed rationale Ask “What would the client want?” Show gratitude Your Interview Process Recruiter Interview Hiring Manager Interview Work Sample Meeting the Team Executive/Founders Interview References Offer! Bitwise is an equal opportunity employer. We are committed to building a team of people with a variety of backgrounds, perspectives, and skills. It is the policy of Bitwise to ensure equal opportunity. All candidates are considered without regard to race, color, religion, national origin, age, sex, sexual orientation, gender identity, marital status, ancestry, physical or mental disability, veteran status, or any other legally protected characteristics. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records. Please note that we do not sponsor visas for persons without work authorization in the United States. This role is for full‑time employees only (no B2B or contractors). Thank you! The Pay Range For This Role Is 185,000 - 260,000 USD per year (Remote) 185,000 - 260,000 USD per year (NYC Office) 185,000 - 260,000 USD per year (SF Office) 185,000 - 260,000 USD per year (London Office) #J-18808-Ljbffr Bitwise Asset Management

Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Staff Application Security Engineer in San Francisco, CA vacancy
  •  ...Senior Application Security Engineer Want to work on building out security from the ground up at the leading edge of AI in healthcare globally? We're looking for a very experienced and highly motivated Senior Application Security Engineer to join our team as one of... 
    Suggested
    Hourly pay
    Full time
    Flexible hours

    Colorwave Inc

    San Francisco, CA
    1 day ago
  • $200k - $340k

     ...Application Security Engineer Palo Alto, CA About XAI XAI's mission is to create AI systems that can accurately understand the universe and aid humanity in its pursuit of knowledge. Our team is small, highly motivated, and focused on engineering excellence. This... 
    Suggested
    Temporary work

    Xai

    San Francisco, CA
    1 day ago
  • $165k - $225k

     ...Senior Application Security Engineer Denver, CO or Long Beach, CA or SF Bay Area, CA Space is a warfighting domain. True Anomaly seeks those with the talent and ambition to build the technology that secures it. True Anomaly delivers decisive capabilities for space... 
    Suggested
    Permanent employment
    Shift work

    True Anomaly

    San Francisco, CA
    4 days ago
  • $325k - $405k

    A leading AI research firm in San Francisco is seeking a Security Engineer for Application Security. The role involves identifying and mitigating security vulnerabilities, conducting assessments, and developing security tools. Ideal candidates will have extensive experience... 
    Suggested
    Remote job

    Jobleads-US

    San Francisco, CA
    2 days ago
  • $180k - $220k

    Senior Application Security Engineer, AI and Machine Learning San Francisco, California, United States; Seattle, Washington, United States Who We Are Lightning AI is the company behind PyTorch Lightning. Founded in 2019, we build an end‑to‑end platform for developing,... 
    Suggested
    Work at office
    Work from home
    Flexible hours
    2 days per week

    Lightning-Ai

    San Francisco, CA
    1 day ago
  • We are seeking a Sr. Application Security or DevSecOps Engineer with broad set of experiences to have an early and formative impact in many areas of the ZetaChain security program. The ideal candidate will be responsible for ensuring the security of our applications throughout... 
    Remote job
    Contract work
    Flexible hours

    Zetachain

    San Francisco, CA
    3 days ago
  • $200k - $235k

     ...we have focused on enabling our clients to securely navigate the digital asset space. With a...  ...engagements. Secure next‑generation AI‑integrated applications by establishing input/output validation protocols and LLM guardrails. Engineer proactive defenses to safeguard platform... 
    Full time
    Work at office
    Worldwide

    BitGo

    San Francisco, CA
    1 day ago
  • $165k - $190k

     ...world of TV advertising through the intelligent application of AI and machine learning, Tatari helps some...  ...attestation, and a clear mandate to mature our security and privacy posture. We're looking for the right engineer to make it happen. The Role As our first dedicated... 
    Work at office
    2 days per week

    Tatari

    San Francisco, CA
    1 day ago
  • $215k

    Quanata is seeking an Application Security Engineer to ensure secure application development within our AI-native insurance platform. This role involves collaborating with Product, Engineering, and Security teams to integrate security controls throughout the software lifecycle... 
    Remote job

    Quanata

    San Francisco, CA
    4 days ago
  • $231.9k - $318.25k

     ...directly with business data, and meets the highest standards of security and governance. AI is redefining what it means to build...  ...program have grown with it. We’re looking for an Application Security Engineer who combines deep security fundamentals with real engineering... 
    Shift work

    Retool

    San Francisco, CA
    1 day ago
  • Senior Security Engineer - Secure Code Review My client is seeking a Senior Security Engineer to join their Application Security practice. This role is ideal for a hands‑on AppSec professional with a strong software development background and deep experience performing... 

    AGS

    San Francisco, CA
    1 day ago
  • $180k - $210k

     ..., go to . About the Role We’re looking for a Director of Application Security to architect and lead an AI‑native, agent‑driven Application...  ..., real‑time risk signals, and deep integration with how engineers build software. Zeta is at the forefront of the AI‑native... 
    Shift work

    Zeta Global

    San Francisco, CA
    1 day ago
  • $237.8k

     ...their data and AI are fully understood, secured, and resilient to enable the acceleration...  ...We are looking for a Senior Security Engineer who thinks like a product architect and...  ...to this processing. By submitting your application, you confirm that the information provided... 
    Local area
    Worldwide
    Shift work

    Veeam Software

    San Francisco, CA
    1 day ago
  • $320k

     ...growing group of committed researchers, engineers, policy experts, and business leaders...  ...systems. About the Role Anthropic's Application Security team secures the systems that build, serve...  ...policy: Currently, we expect all staff to be in one of our offices at least 2... 
    Visa sponsorship

    Anthropic

    San Francisco, CA
    1 day ago
  •  ...support you need to grow your career. Engineering at Brex Engineering at Brex is about...  ...intention. Our teams span Software, Data, Security, and IT, and operate with high...  ...become leaders. What you’ll do As a Staff Application Security Engineer, you will define the... 
    Work at office
    Remote work
    Work from home
    3 days per week

    EngineersOfAI

    San Francisco, CA
    1 day ago
  •  ...including Patrick Collison and Andrej Karpathy. We are building AI applications for the world's most important institutions, delivering...  ...DeepMind, NVIDIA, and Databricks About the Role As our Security Engineer, Application & AI, you will own the security of our... 
    Contract work

    BrainCo

    San Francisco, CA
    1 day ago
  •  ...the US, UK, Europe, Japan and Canada, and has been used for more than 500,000 patients worldwide. We are looking for an Application Security Engineer to work with our engineering team to ensure security is an integral part of our Software Development Lifecycle (SDLC).... 
    Work at office
    Local area
    Worldwide
    Relocation
    3 days per week

    Heartflow

    San Francisco, CA
    1 day ago
  • $155k - $225k

    Attentive Mobile, Inc. is seeking a Senior Application Security Engineer to enhance security across their platforms. The ideal candidate will have over 5 years of security experience, particularly in application security, and be well-versed in programming with Java, Python... 

    Attentive Mobile, Inc.

    San Francisco, CA
    1 day ago
  • $140k - $180k

     ...headquartered in New York City with offices around the world. To learn more, go to About the Role We’re seeking a Lead Application Security Engineer to help advance Zeta Global’s application and platform security posture through AI-native security practices,... 
    Full time

    Zeta Global

    San Francisco, CA
    10 hours ago
  • Applications Engineer, AI Server Software Performance This role serves as the technical bridge between engineering teams, customers, and strategic partners. The individual will lead training and inference benchmarking activities, support customer proof‑of‑concept engagements... 
    Permanent employment
    H1b

    Akash Systems

    Emeryville, CA
    1 day ago
  • $405k

     ...group of committed researchers, engineers, policy experts, and business leaders...  ...the role We are seeking a Security Engineering Manager to lead our Application Security team in ensuring the security...  ...: Currently, we expect all staff to be in one of our offices at... 
    Work at office
    Visa sponsorship
    Flexible hours
    Shift work

    Anthropic

    San Francisco, CA
    more than 2 months ago
  •  ...Application Engineer – Vinci4D.ai Join to apply for the Application Engineer role at Vinci4D.ai We are building an AI assistant for hardware design. Our product helps engineers explore, analyze, and optimize hardware systems, integrating cutting‑edge AI with the realities... 

    Vinci4D.ai

    San Francisco, CA
    2 days ago
  • $125k - $160k

     ...based on your skills and experience — talk with your recruiter to learn more. Base pay range $125,000.00/yr - $160,000.00/yr Applications Engineer – Industrial Vision & AI Deployment ~50% Overnight Travel About the Opportunity A rapidly growing AI + computer‑vision scale... 
    Night shift

    Direct Recruiters

    San Francisco, CA
    2 days ago
  •  ...Forward Deployed Engineer / Application Engineer – AI for EDA Solutions (Bay Area) Two openings are described below. This posting is presented by EDA CAREERS, (Technology Futures Inc.). Forward Deployed Engineer – AI for EDA Solutions Bay Area #7007 This company is reinventing... 
    Full time
    Remote work
    Shift work

    EDA CAREERS, (Technology Futures Inc).

    San Francisco, CA
    2 days ago
  • $130k - $175k

     ...Thank you for your interest in Uncountable Engineering! Description Uncountable is seeking experienced engineers to lead the transformation...  ...to accelerate discovery through Generative AI. As an LLM Applications Engineer, you will be the architect of our LLM infrastructure... 

    Uncountable Inc

    San Francisco, CA
    3 days ago
  •  ...cities are managed. Powered by a proprietary visual intelligence engine with full spatial reasoning, EchoTwin transforms municipal...  ...challenges in real time. What You’ll Do We are seeking a skilled Application Engineer to join our team, focusing on deploying and... 
    Flexible hours

    EchoTwin AI, Inc.

    San Francisco, CA
    2 days ago
  •  ...robots that automate food prep and assembly in commercial kitchens and food manufacturing. About the Role We are hiring an Applications Engineer to serve as the vital link between our customers and our engineering teams. This role spans the full customer journey, from... 
    Flexible hours
    Night shift
    Weekend work

    Chef Robotics

    San Francisco, CA
    2 days ago
  •  ...across voice, chat, and email. Role Snapshot Role: Senior Software Engineer YOE: 4+ years of experience in full- stack software engineering...  ..., sales, and customer success teams with enterprise-grade security. Why should you consider? Build real-world AI at scale at Solidroad... 

    Crossing Hurdles

    San Francisco, CA
    4 hours ago
  • $175k - $215k

     ...looking for someone to make sure it's built securely from the ground up. As part of the...  ...ll be building it, working closely with engineering teams, shipping production code,...  ...models ~ Production experience with application security tooling (SAST, DAST, SCA) and... 
    Temporary work

    Crusoe

    San Francisco, CA
    2 days ago
  • $180k - $258k

     ...founders. Role Overview We are looking for a Product Security Engineer to join our team and act as a champion for security within...  ...engineering, specifically focusing on product security or application security. Technical Skills: Proficiency in one or... 
    Shift work

    Candid Health

    San Francisco, CA
    3 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Staff Application Security Engineer. Be the first to apply!