Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Staff Application Security Engineer

$168.2k - $269.9k
Full-time

ServiceTitan

Role Description

At ServiceTitan, we are transforming product security into a core part of how engineering delivers software. We are looking for an exceptional Staff Application Security Engineer to help us build a "Secure Paved Road"—an automated, self-service ecosystem that enables our 80+ R&D squads to build securely by default.

This role will define and scale how secure software is built at ServiceTitan by embedding security directly into the development lifecycle, from code to production. It will reduce organizational risk by automating detection and remediation of vulnerabilities, standardizing secure architecture patterns, and eliminating entire classes of security issues at their source.

By partnering closely with engineering, this role will drive a shift toward secure by default development while continuously validating defenses through testing, threat modeling, and proactive simulation.

What you’ll do:

  • Build the Secure Paved Road (Pipeline and Code)
    • Pipeline Automation: Deeply integrate GitHub Advanced Security into the CI/CD pipeline to act as automated checkpoints, providing fast feedback to engineers without manual intervention.
    • Secure by Default Code: Collaborate with Engineering to develop and maintain secure microservice templates and libraries with embedded security controls.
    • Secrets and Supply Chain: Lead hardcoded secrets mitigation efforts by automating detection and building workflows to validate compromised credentials via API.
    • Secure SDLC Practices: Drive cross functional initiatives to establish and continuously improve secure software development lifecycle practices across the organization.
  • Continuous Security Testing and Validation
    • Penetration Testing: Lead onboarding and operation of continuous penetration testing capabilities across web applications and services.
    • Security Assessments: Participate in and help scale internal security assessments, penetration testing, and bug bounty programs.
    • Tooling Ownership: Evaluate, prototype, implement, and operate security tools including DAST, SAST, and SCA.
    • Simulation and Validation: Run proactive simulations based on emerging threats to validate defenses and identify gaps.
  • Architecture and Threat Modeling
    • Security Design Reviews: Lead security design reviews and threat modeling for new and existing services.
    • Secure Architecture: Develop and maintain secure architecture standards, frameworks, and reusable patterns across multiple layers of the stack.
    • Emerging Threat Analysis: Continuously analyze evolving security threats, determine relevance, and implement centralized mitigations.
  • Operational Support and Engineering Partnership
    • Technical Leadership: Act as the AppSec technical expert for the Security Champions Program, guiding engineers on vulnerability remediation and secure coding practices.
    • Contextual Training: Implement just in time training mechanisms that help engineers remediate vulnerabilities as they are introduced.
    • Triage to Automate: Own initial triage of vulnerability findings, identify patterns, and drive automation and guardrails to reduce recurring issues.
    • Incident Response: Participate in security incident response and support post incident analysis and remediation efforts.
  • Continuous Improvement and Expertise
    • Maintain strong knowledge of current security threats, vulnerabilities, and operational best practices, applying that knowledge to continuously improve the organization’s security posture.

Qualifications

  • 7-10+ years of experience in Product/Application Security, with a strong background in software engineering.
  • Proficiency in C#/.NET (preferred) or Go/Java. You must be able to read code to find vulnerabilities and write code to fix them.
  • Experience moving security "left" using tools like GitHub Advanced Security (GHAS), dependency scanners, and secret detectors.
  • Proven ability to script (Python, Go, PowerShell) and automate security tasks.
  • Interest in the intersection of AI and Security, specifically in securing AI workloads.

Requirements

  • Your success will be measured by real risk reduction.
  • You will work side by side with engineering teams to shape how software is built, secured, and deployed.
  • You will help define how modern security teams leverage automation and intelligent systems to scale.
  • You will have the autonomy to identify problems, design solutions, and implement them end to end.

Benefits

  • Flexible time off with ample learning and development opportunities.
  • Company-paid medical, dental, and vision (with 100% employer paid options and 90% coverage for dependents).
  • Parental leave and support, up to $20k in fertility services, surrogacy, and adoption reimbursement.
  • Legal advisory services, financial planning tools, and more.
Vacancy posted 2 days ago
Similar jobs that could be interesting for youBased on the Staff Application Security Engineer in Remote vacancy
  • $98k - $146k

     ...technologies in support of U.S. National Security and Defense. For the past forty-five...  ...require U.S. citizenship for all employees. Applicants that do not meet this requirement will...  ...an immediate opportunity for a talented engineer to support our programs delivering Next-... 
    Suggested
    Temporary work
    For contractors
    Work experience placement
    Immediate start
    Remote work
    Flexible hours

    SciTec

    Boulder, CO
    8 days ago
  • $180k - $210k

    Role Description We're hiring a Senior Application Security Engineer to join a small, high-leverage AppSec team. This is a deep-technical IC role with a staff-leaning scope: ~Set the technical direction and own delivery on how we find, fix, and prevent vulnerabilities... 
    Suggested
    Full time
    Flexible hours

    Qualia

    Remote
    2 days ago
  • Role Description Our team is growing and we're hiring a Senior Application Security Engineer to join our engineering team and enable our next phase of growth. Canary's engineering team is fully remote! This role focuses on embedding security into the software development... 
    Suggested
    Full time
    Remote work

    Canary Technologies Corp

    Remote
    20 hours ago
  • $120k - $258.5k

    Role Description Nordstrom is building a new Application Security team, built on a simple idea: teams shouldn’t have to choose between moving...  ...of Application Security and partner closely with product engineering and DevOps, alongside our security peers in pentest, attack... 
    Suggested
    Full time

    Nordstrom

    Remote
    3 days ago
  • $175k - $215k

    Role Description We're looking for an Application Security Engineer to help build secure-by-default products and services across Quanata's AI-native insurance technology platform. In this role, you'll partner closely with Product, Engineering, and Security teams to identify... 
    Suggested
    Extra income
    Full time
    Home office
    Shift work

    Quanata

    Remote
    1 day ago
  • $157k - $216k

     ...investing in the next generation of our Application Security capability, a continuous, AI-augmented...  ...defense program built for a SaaS engineering organization where AI agents and human...  ...foundational hire with a clear path to Staff / Tech Lead as the team grows. Qualifications... 
    Full time
    Remote work

    AlphaSense

    Remote
    6 days ago
  • $85.7k - $125.69k

    Role Description The Application Security Engineer is responsible for securing the software and applications that Credit Acceptance builds, buys, and operates. This role partners closely with engineering, product, architecture, and business teams to ensure that applications... 
    Full time
    Work at office
    Work from home
    Shift work

    Credit Acceptance

    Remote
    3 days ago
  • $100k - $150k

    Role Description We are looking for an Application Security Engineer to embed security throughout the software development lifecycle, partnering with...  ...lunch-and-learns, and onboarding content for engineering staff. ~Respond to security incidents involving application... 
    Full time
    Immediate start

    Bright Vision Technologies

    Remote
    20 hours ago
  • $135.9k - $203.9k

     ...Startups to global organizations, build secure, high-quality software faster and...  ...position will implement our industry-leading Application Security products and solutions within...  ...You will work alongside our sales, sales engineering, customer success managers, product... 
    Full time
    Remote work
    Work from home

    Black Duck Software

    Remote
    20 hours ago
  • $190k - $273k

    Role Description The Senior Application Security Engineer II is a senior individual contributor responsible for strengthening Apollo’s secure software development lifecycle and reducing application risk across product, platform, and AI-powered features. This role blends... 
    Full time
    Flexible hours

    Apollo.io

    Remote
    5 days ago
  • $180k - $215k

    Role Description Monarch is seeking a Senior Application Security Engineer to join our Security Engineering team during a period of rapid growth. Reporting to the Head of Engineering Infrastructure, you will be a hands-on practitioner embedded across our product and engineering... 
    Full time
    Work at office
    Remote work
    Weekend work

    Monarch Money

    Remote
    3 days ago
  • $111k - $144.4k

    Role Description The Sr. Application Security Engineer is responsible for validating that application services are designed and implemented with high security standards. The role analyzes the security of applications in tandem with their underlying services, including connected... 
    Full time
    Temporary work
    Work experience placement

    CubiCasa

    Remote
    20 hours ago
  • $120k - $145k

    Role Description Parallels is seeking a highly motivated and talented Application Security Engineer to join our team. In this role, you will make security decisions that impact millions of our customers while gaining hands-on experience in exploit development and CVE discovery... 
    Full time
    Remote work

    Parallels Inc

    Remote
    1 day ago
  • $180k - $200k

     ...Description Here at Virtru you'll join an innovative product security team that is helping secure some of the world's most...  ...core, functions in a wide range of threat models. As an application security engineer you will help our engineering teams maintain and develop... 
    Full time
    Flexible hours

    Virtru

    Remote
    5 days ago
  • $97.1k - $161.8k

     ...for capturing and refining information security requirements and ensures their integration...  ...in the areas of secure coding, application authentication, encryption, and quickly...  ...areas as needed. ~Develop and implement engineering’s technical security policies and procedures... 
    Full time
    Work experience placement
    Worldwide

    M&T Bank

    Remote
    7 days ago
  • Role Description As a Senior Application Security Engineer, you’ll help shape the future of our AppSec program. You’ll work effectively and efficiently in a small, high-impact team, bringing a sense of ownership and community. You’ll have the opportunity to learn quickly... 
    Full time
    Flexible hours

    Barracuda Networks Inc.

    Remote
    6 days ago
  • Role Description The primary responsibility of the Senior Application Security Engineer (AI-First Development) is to design, orchestrate, and validate the offensive security tooling and adversary-emulation capabilities used to find, prove, and help remediate exploitable... 
    Full time
    Flexible hours

    Las Vegas Sands Corp.

    Remote
    20 hours ago
  • $100k - $140k

    Role Description Zocdoc’s most important asset is our people. As an Application Security Engineer, you’ll play a meaningful role in helping our development organization build secure software with confidence. In this role, you’ll work closely with our Compliance, Security... 
    Full time
    Flexible hours

    Zocdoc

    Remote
    19 hours ago
  • $125.6k - $172.7k

    Role Description As an Application Security Engineer at Solventum, you will: ~Join a team of cybersecurity professionals motivated to secure Solventum's healthcare information systems and the personal health information of our clients and their patients. ~Operate and... 
    Full time
    Flexible hours

    SOLVENTUM

    Remote
    7 days ago
  • Role Description The Application Security Engineer plays a crucial role in securing our growing portfolio of applications. This role will focus on integrating security best practices into the Software Development Lifecycle (SDLC), ensuring compliance with regulatory requirements... 
    Full time

    H.W. Kaufman Group

    Remote
    20 hours ago
  • $192k - $240k

    Role Description As a Senior Application Security Engineer, you will focus on finding and responding to security vulnerabilities across the Brex platform. In this role, you will: ~Perform code reviews, design reviews, penetration testing, and vulnerability management.... 
    Full time
    Work experience placement

    Brex

    Remote
    5 days ago
  • Role Description GuidePoint Security offers an inclusive set of Application Security services helping clients implement, fine tune and run their Application Security SAST, DAST and SCA tools. Many clients need assistance with either supplementing their Application Security... 
    Full time
    Remote work
    Flexible hours

    GuidePoint Security

    Remote
    3 days ago
  •  ...this position will be a contributor to DevSecOps and overall application security initiatives in Ellucian. ~Analyze the security of...  ...security training for product owners, business analysts, test engineers, and developers. ~Lead ongoing process and policy improvement... 
    Full time
    Flexible hours

    Ellucian

    Remote
    3 days ago
  • $155k - $175k

    Role Description The Senior Application Security Engineer is a hands-on technical leader responsible for securing Lumin Digital’s B2B2C SaaS platform across the full software development lifecycle. This role exists at the intersection of application security and AI-augmented... 
    Full time
    Remote work
    Flexible hours

    Lumin Digital

    Remote
    20 hours ago
  • Role Description We're looking for a Senior Application Security Engineer to help build and mature our application security program. You'll be a hands-on technical leader embedded across our engineering organization, working with developers to embed security into the SDLC... 
    Full time
    Worldwide

    Hyland

    Remote
    5 days ago
  • $156.9k - $229.7k

    Role Description As a Senior Application Security Engineer, you will be a core technical advisor for securing GFiber’s applications and development ecosystems. You will partner closely with engineering teams to: ~Review code, secure software delivery pipelines, and design... 
    Full time

    GFiber

    Remote
    1 hour ago
  • Role Description The primary responsibility of the Application Security Engineer – Cyber Security is to design, implement, and support the company’s overall information security infrastructure. This engineer sits at the intersection of application security, platform engineering... 
    Full time
    Remote work

    Las Vegas Sands Corp.

    Remote
    6 days ago
  • Role Description As an Application Security Engineer at Oneleet, you'll bring security depth to our product engineering teams as we expand our cybersecurity platform. You'll own the security judgment layer that sits between raw tooling output and what our customers actually... 
    Full time
    Remote work

    Oneleet

    Remote
    1 day ago
  • Job Title The minimum and maximum base salaries for this role are posted below; additionally, the role is eligible for bonus potential, equity and benefits. The range displayed reflects the minimum and maximum target for new hire salaries for the role based on U.S. ...
    Remote work

    Rubrik

    United States
    2 days ago
  •  ...Application Security Engineer This role is primarily focused on security administration for ERP applications such as Oracle HCM Cloud, PeopleSoft HCM and Peoplesoft Financials. Under general direction, defines, implements, and maintains application security processes... 
    Remote work

    TriOptus LLC

    United States
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Staff Application Security Engineer. Be the first to apply!