Staff Application Security Engineer
$168.2k - $269.9kServiceTitan
Role Description
At ServiceTitan, we are transforming product security into a core part of how engineering delivers software. We are looking for an exceptional Staff Application Security Engineer to help us build a "Secure Paved Road"—an automated, self-service ecosystem that enables our 80+ R&D squads to build securely by default.
This role will define and scale how secure software is built at ServiceTitan by embedding security directly into the development lifecycle, from code to production. It will reduce organizational risk by automating detection and remediation of vulnerabilities, standardizing secure architecture patterns, and eliminating entire classes of security issues at their source.
By partnering closely with engineering, this role will drive a shift toward secure by default development while continuously validating defenses through testing, threat modeling, and proactive simulation.
What you’ll do:
- Build the Secure Paved Road (Pipeline and Code)
- Pipeline Automation: Deeply integrate GitHub Advanced Security into the CI/CD pipeline to act as automated checkpoints, providing fast feedback to engineers without manual intervention.
- Secure by Default Code: Collaborate with Engineering to develop and maintain secure microservice templates and libraries with embedded security controls.
- Secrets and Supply Chain: Lead hardcoded secrets mitigation efforts by automating detection and building workflows to validate compromised credentials via API.
- Secure SDLC Practices: Drive cross functional initiatives to establish and continuously improve secure software development lifecycle practices across the organization.
- Continuous Security Testing and Validation
- Penetration Testing: Lead onboarding and operation of continuous penetration testing capabilities across web applications and services.
- Security Assessments: Participate in and help scale internal security assessments, penetration testing, and bug bounty programs.
- Tooling Ownership: Evaluate, prototype, implement, and operate security tools including DAST, SAST, and SCA.
- Simulation and Validation: Run proactive simulations based on emerging threats to validate defenses and identify gaps.
- Architecture and Threat Modeling
- Security Design Reviews: Lead security design reviews and threat modeling for new and existing services.
- Secure Architecture: Develop and maintain secure architecture standards, frameworks, and reusable patterns across multiple layers of the stack.
- Emerging Threat Analysis: Continuously analyze evolving security threats, determine relevance, and implement centralized mitigations.
- Operational Support and Engineering Partnership
- Technical Leadership: Act as the AppSec technical expert for the Security Champions Program, guiding engineers on vulnerability remediation and secure coding practices.
- Contextual Training: Implement just in time training mechanisms that help engineers remediate vulnerabilities as they are introduced.
- Triage to Automate: Own initial triage of vulnerability findings, identify patterns, and drive automation and guardrails to reduce recurring issues.
- Incident Response: Participate in security incident response and support post incident analysis and remediation efforts.
- Continuous Improvement and Expertise
- Maintain strong knowledge of current security threats, vulnerabilities, and operational best practices, applying that knowledge to continuously improve the organization’s security posture.
Qualifications
- 7-10+ years of experience in Product/Application Security, with a strong background in software engineering.
- Proficiency in C#/.NET (preferred) or Go/Java. You must be able to read code to find vulnerabilities and write code to fix them.
- Experience moving security "left" using tools like GitHub Advanced Security (GHAS), dependency scanners, and secret detectors.
- Proven ability to script (Python, Go, PowerShell) and automate security tasks.
- Interest in the intersection of AI and Security, specifically in securing AI workloads.
Requirements
- Your success will be measured by real risk reduction.
- You will work side by side with engineering teams to shape how software is built, secured, and deployed.
- You will help define how modern security teams leverage automation and intelligent systems to scale.
- You will have the autonomy to identify problems, design solutions, and implement them end to end.
Benefits
- Flexible time off with ample learning and development opportunities.
- Company-paid medical, dental, and vision (with 100% employer paid options and 90% coverage for dependents).
- Parental leave and support, up to $20k in fertility services, surrogacy, and adoption reimbursement.
- Legal advisory services, financial planning tools, and more.
$98k - $146k
...technologies in support of U.S. National Security and Defense. For the past forty-five... ...require U.S. citizenship for all employees. Applicants that do not meet this requirement will... ...an immediate opportunity for a talented engineer to support our programs delivering Next-...SuggestedTemporary workFor contractorsWork experience placementImmediate startRemote workFlexible hours$180k - $210k
Role Description We're hiring a Senior Application Security Engineer to join a small, high-leverage AppSec team. This is a deep-technical IC role with a staff-leaning scope: ~Set the technical direction and own delivery on how we find, fix, and prevent vulnerabilities...SuggestedFull timeFlexible hours- Role Description Our team is growing and we're hiring a Senior Application Security Engineer to join our engineering team and enable our next phase of growth. Canary's engineering team is fully remote! This role focuses on embedding security into the software development...SuggestedFull timeRemote work
$120k - $258.5k
Role Description Nordstrom is building a new Application Security team, built on a simple idea: teams shouldn’t have to choose between moving... ...of Application Security and partner closely with product engineering and DevOps, alongside our security peers in pentest, attack...SuggestedFull time$175k - $215k
Role Description We're looking for an Application Security Engineer to help build secure-by-default products and services across Quanata's AI-native insurance technology platform. In this role, you'll partner closely with Product, Engineering, and Security teams to identify...SuggestedExtra incomeFull timeHome officeShift work$157k - $216k
...investing in the next generation of our Application Security capability, a continuous, AI-augmented... ...defense program built for a SaaS engineering organization where AI agents and human... ...foundational hire with a clear path to Staff / Tech Lead as the team grows. Qualifications...Full timeRemote work$85.7k - $125.69k
Role Description The Application Security Engineer is responsible for securing the software and applications that Credit Acceptance builds, buys, and operates. This role partners closely with engineering, product, architecture, and business teams to ensure that applications...Full timeWork at officeWork from homeShift work$100k - $150k
Role Description We are looking for an Application Security Engineer to embed security throughout the software development lifecycle, partnering with... ...lunch-and-learns, and onboarding content for engineering staff. ~Respond to security incidents involving application...Full timeImmediate start$135.9k - $203.9k
...Startups to global organizations, build secure, high-quality software faster and... ...position will implement our industry-leading Application Security products and solutions within... ...You will work alongside our sales, sales engineering, customer success managers, product...Full timeRemote workWork from home$190k - $273k
Role Description The Senior Application Security Engineer II is a senior individual contributor responsible for strengthening Apollo’s secure software development lifecycle and reducing application risk across product, platform, and AI-powered features. This role blends...Full timeFlexible hours$180k - $215k
Role Description Monarch is seeking a Senior Application Security Engineer to join our Security Engineering team during a period of rapid growth. Reporting to the Head of Engineering Infrastructure, you will be a hands-on practitioner embedded across our product and engineering...Full timeWork at officeRemote workWeekend work$111k - $144.4k
Role Description The Sr. Application Security Engineer is responsible for validating that application services are designed and implemented with high security standards. The role analyzes the security of applications in tandem with their underlying services, including connected...Full timeTemporary workWork experience placement$120k - $145k
Role Description Parallels is seeking a highly motivated and talented Application Security Engineer to join our team. In this role, you will make security decisions that impact millions of our customers while gaining hands-on experience in exploit development and CVE discovery...Full timeRemote work$180k - $200k
...Description Here at Virtru you'll join an innovative product security team that is helping secure some of the world's most... ...core, functions in a wide range of threat models. As an application security engineer you will help our engineering teams maintain and develop...Full timeFlexible hours$97.1k - $161.8k
...for capturing and refining information security requirements and ensures their integration... ...in the areas of secure coding, application authentication, encryption, and quickly... ...areas as needed. ~Develop and implement engineering’s technical security policies and procedures...Full timeWork experience placementWorldwide- Role Description As a Senior Application Security Engineer, you’ll help shape the future of our AppSec program. You’ll work effectively and efficiently in a small, high-impact team, bringing a sense of ownership and community. You’ll have the opportunity to learn quickly...Full timeFlexible hours
- Role Description The primary responsibility of the Senior Application Security Engineer (AI-First Development) is to design, orchestrate, and validate the offensive security tooling and adversary-emulation capabilities used to find, prove, and help remediate exploitable...Full timeFlexible hours
$100k - $140k
Role Description Zocdoc’s most important asset is our people. As an Application Security Engineer, you’ll play a meaningful role in helping our development organization build secure software with confidence. In this role, you’ll work closely with our Compliance, Security...Full timeFlexible hours$125.6k - $172.7k
Role Description As an Application Security Engineer at Solventum, you will: ~Join a team of cybersecurity professionals motivated to secure Solventum's healthcare information systems and the personal health information of our clients and their patients. ~Operate and...Full timeFlexible hours- Role Description The Application Security Engineer plays a crucial role in securing our growing portfolio of applications. This role will focus on integrating security best practices into the Software Development Lifecycle (SDLC), ensuring compliance with regulatory requirements...Full time
$192k - $240k
Role Description As a Senior Application Security Engineer, you will focus on finding and responding to security vulnerabilities across the Brex platform. In this role, you will: ~Perform code reviews, design reviews, penetration testing, and vulnerability management....Full timeWork experience placement- Role Description GuidePoint Security offers an inclusive set of Application Security services helping clients implement, fine tune and run their Application Security SAST, DAST and SCA tools. Many clients need assistance with either supplementing their Application Security...Full timeRemote workFlexible hours
- ...this position will be a contributor to DevSecOps and overall application security initiatives in Ellucian. ~Analyze the security of... ...security training for product owners, business analysts, test engineers, and developers. ~Lead ongoing process and policy improvement...Full timeFlexible hours
$155k - $175k
Role Description The Senior Application Security Engineer is a hands-on technical leader responsible for securing Lumin Digital’s B2B2C SaaS platform across the full software development lifecycle. This role exists at the intersection of application security and AI-augmented...Full timeRemote workFlexible hours- Role Description We're looking for a Senior Application Security Engineer to help build and mature our application security program. You'll be a hands-on technical leader embedded across our engineering organization, working with developers to embed security into the SDLC...Full timeWorldwide
$156.9k - $229.7k
Role Description As a Senior Application Security Engineer, you will be a core technical advisor for securing GFiber’s applications and development ecosystems. You will partner closely with engineering teams to: ~Review code, secure software delivery pipelines, and design...Full time- Role Description The primary responsibility of the Application Security Engineer – Cyber Security is to design, implement, and support the company’s overall information security infrastructure. This engineer sits at the intersection of application security, platform engineering...Full timeRemote work
- Role Description As an Application Security Engineer at Oneleet, you'll bring security depth to our product engineering teams as we expand our cybersecurity platform. You'll own the security judgment layer that sits between raw tooling output and what our customers actually...Full timeRemote work
- Job Title The minimum and maximum base salaries for this role are posted below; additionally, the role is eligible for bonus potential, equity and benefits. The range displayed reflects the minimum and maximum target for new hire salaries for the role based on U.S. ...Remote work
- ...Application Security Engineer This role is primarily focused on security administration for ERP applications such as Oracle HCM Cloud, PeopleSoft HCM and Peoplesoft Financials. Under general direction, defines, implements, and maintains application security processes...Remote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Staff Application Security Engineer. Be the first to apply!
- assistant chief engineer Remote
- technology administrator Remote
- project engineer assistant project manager Remote
- staff security engineer Remote
- engineering aide Remote
- senior staff systems engineer Remote
- staff design engineer Remote
- staff data engineer Remote
- assistant engineering manager Remote
- software engineer staff Remote













