Senior Application Security Engineer
Hyland
Senior Application Security Engineer
We're looking for a Senior Application Security Engineer to help build and mature our application security program. You'll be a hands-on technical leader embedded across our engineering organization, working with developers to embed security into the SDLC, identifying and remediating vulnerabilities, and shaping the tools and processes that keep our products and customers safe. Deep expertise in securing cloud-native architectures and automating security into CI/CD pipelines is essential, as security needs to scale with our engineering velocity. As AI-powered development becomes a bigger part of how we build and ship software, you'll also help engineers navigate the security challenges that come with it. This is a high-impact, generalist AppSec role for someone equally comfortable reviewing threat models, triaging bug bounty reports, and writing secure coding guidance.
Partner with engineering, product, and DevOps teams to integrate security practices throughout the software development lifecycle, with a strong focus on cloud-native environments and automated pipelines.
Design, implement, and maintain security tooling and gates within CI/CD pipelines, covering SAST, DAST, SCA, secrets detection, and container scanning, so security feedback reaches developers early and automatically.
Collaborate with infrastructure and platform teams to help guide and improve the security posture of cloud-native environments across AWS, GCP, or Azure, including containerized workloads, Kubernetes clusters, serverless functions, and managed services.
Lead and own the threat modeling process across product and engineering teams, conducting application security assessments including code review and manual penetration testing of applications.
Triage and remediate findings from SAST, DAST, SCA, and bug bounty programs; help engineering teams understand and fix vulnerabilities.
Define and maintain secure coding standards, security testing requirements, and developer-facing security documentation.
Advise developers on AI security best practices, covering risks introduced by LLM integrations such as prompt injection, insecure output handling, and data leakage, as well as the secure use of AI coding assistants.
Evaluate and implement AppSec tooling to improve detection and developer feedback loops.
Respond to and investigate security incidents involving application-layer issues.
Mentor engineers on security best practices, including emerging AI-related risks, and serve as a trusted security advisor to product teams.
Contribute to security architecture reviews for new features and systems, including cloud-native and AI/ML components.
5+ years of experience in application security, software security engineering, or a closely related role.
Hands-on experience securing cloud-native environments on AWS, GCP, or Azure, including containers, Kubernetes, IAM, and serverless architectures.
Proven experience integrating security into CI/CD pipelines (e.g., GitHub Actions, Jenkins) automating SAST, DAST, SCA, and secrets scanning.
Strong command of application security fundamentals: OWASP Top 10, secure design principles, and common vulnerability classes such as injection, auth flaws, and business logic issues.
Experience with security testing across applications.
Proficiency with AppSec tooling such as Checkmarx, Burp Suite, Trivy, Checkov, and Veracode.
Ability to read and reason about code in at least one of: Python, JavaScript/TypeScript, Java, Go, .NET (C#), or similar.
Strong written and verbal communication skills, with the ability to explain security risk to both technical and non-technical audiences.
Experience with infrastructure-as-code security (Terraform, CloudFormation, Helm) and policy-as-code frameworks such as OPA.
Familiarity with AI/LLM security risks including prompt injection, model abuse, and insecure integrations, as well as frameworks like the OWASP Top 10 for LLMs.
Experience securing AI-assisted development workflows and reviewing AI-generated code for security issues.
One or more relevant certifications: OSCP, CISSP, CEH, GWEB, CCSP, or equivalent.
Prior experience in a product-led tech or SaaS environment.
Hyland is the pioneer of the Content Innovation Cloud™, delivering ubiquitous enterprise intelligence to organizations with solutions that unlock actionable insights and drive automation. © Hyland. All rights reserved.
Trusted by thousands of organizations worldwide, including many of the Fortune 100, Hyland's solutions create the foundation for a connected, agentic enterprise, where teams harness the power of AI to redefine how they operate and engage with those they serve.
Since 1991, it has been Hyland's mission to help our employees, customers and partners exceed their potential with our industry-leading content services platform. Our employees exude a contagious energy and are passionate about what they do – whether it's helping customers succeed, raising up their fellow Hylanders, or engaging in the communities where they live and work.
The #HylandLife hashtag encompasses our employee-centric culture. Our employees live our culture day in and day out by bringing their best self to work. Hyland supports them to do just that through career development resources, wellbeing programs and innovation practices. We thrive on diverse viewpoints and new ideas and believe that a positive, inclusive workplace is imperative to sustainable success.
As we've grown to a company of nearly 4,000 strong, we have the opportunity to make a significant impact on our communities. We strongly support employee initiatives and align our giving campaigns and programs to organizations that are important to them.
Hyland is an equal opportunity employer. We value diversity and are committed to providing an inclusive workplace for all employees and applicants. Employment decisions are made without regard to any characteristic protected by applicable laws and regulations. Information collected during the hiring process is used solely to assess qualifications, verify identity, and comply with legal requirements.
- ...A leading logistics and transportation services company in Atlanta is looking for a highly motivated Application Security Engineer to bolster their security team. This role involves conducting security assessments, collaborating with development teams, and ensuring security...Senior
$110k - $130k
...A leading logistics company in South Carolina is seeking an experienced Application Security Engineer to enhance its security team. The ideal candidate should have extensive experience with application security, strong communication skills, and a solid understanding of...Senior$110k - $130k
...A leading logistics company is looking for an Application Security Engineer to join their security team in Raleigh, North Carolina. The ideal candidate will ensure the security of applications and data throughout the software development lifecycle, conducting assessments...Senior$100k - $150k
...Senior Application Security Engineer HYPERLUME San Jose, CA, USA USD 100k-150k / year Posted on Jun 30, 2026 Credo is seeking a Senior Application Security Engineer to advance our Secure SDLC, mitigate application risks, and partner with software, firmware, and engineering...Senior$110k - $130k
...A logistics services company located in Boston is seeking an experienced Application Security Engineer to enhance security across its applications. The ideal candidate will possess a strong technical background in software development, secure coding, and vulnerability...Senior$110k - $130k
...Ryder System, Inc. is seeking a motivated Application Security Engineer to join the security team in Salt Lake City, Utah. This position demands a strong technical background in software security and privacy, as the engineer will oversee the secure development lifecycle...Senior$110k - $130k
...Ryder System, Inc. seeks a highly motivated and experienced Application Security Engineer in Springfield, Illinois. This technical role ensures security best practices in software development, managing vulnerabilities, and collaborating with development teams. With a salary...Senior- ...SourcePro Search is conducting a search for an experienced Senior Application Security Engineer in Washington, DC. The ideal candidate will serve as subject matter expert integrating secure design for applications and services within the system development lifecycle....Senior
- ...About the role We're looking for a Senior Application Security Engineer to help keep Tangem's products secure. You'll focus on finding security issues in our web applications, backend services, and APIs before attackers do. You'll work closely with developers, review...SeniorRemote work
- ...The Sr. Application Security Engineer - Application Security Champion (ASC) Program is responsible for expanding and enabling the Application Security Champions (ASC) Community of Practice (CoP) across decentralized teams. This role focuses on embedding application security...SeniorWork at office
$140k - $160k
...Senior Application Security Engineer Chicago, Illinois 100% Remote Full Time $140k - $160k A consulting company is looking to bring on a hands on a Senior Application Security Engineer to work with clients on new development. You'll perform code reviews,...SeniorFull timeRemote work- ...Senior Application Security Engineer This role has been designed as ‘Hybrid’ with an expectation that you will work on average 2 days per week from an HPE office. Key Responsibilities Integrate security practices throughout the SDLC in partnership with engineering and...SeniorWork at office2 days per week
- ...methodology.This is a great opportunity to work in an international team, apply and learn modern IT technologies Responsibilities Application Security with strong AI/ML security exposureThreat modeling and risk assessment for AI systems, APIs, and cloud-native...Senior
- ...As a Senior Security Engineer on the AppSec Foundations team, you will be instrumental in making secure behavior the default across the the... ...focus on turning findings into systemic improvements Leverage application telemetry (logs, traces, metrics) to assess security...Senior
$325k - $405k
A leading AI research firm in San Francisco is seeking a Security Engineer for Application Security. The role involves identifying and mitigating security vulnerabilities, conducting assessments, and developing security tools. Ideal candidates will have extensive experience...SeniorRemote job$130k - $180k
...advanced black-box and grey-box penetration tests on web applications, APIs (REST/GraphQL), and internal systems. Perform deep-dive mobile security assessments on iOS and Android, including reverse engineering and bypassing client-side controls like root detection and...Senior- ...Security Engineer 6–8+ years of experience in Application Security, Product Security, or DevOps with a strong security focus. Extensive hands-on experience with SAST, SCA, DAST, IaC scanning, and integrating security tools into modern CI/CD pipelines. Proven ability...SeniorRemote work
$97.1k - $161.8k
...capturing and refining information security requirements and ensures... ...the areas of secure coding, application authentication, encryption,... ...: Develop and implement engineering’s technical security policies... ...Technology, and occasionally senior leaders within Cybersecurity...SeniorWork experience placementWork from homeWorldwide1 day per week- ...As a member of the Application Security team, you will help prevent and mitigate vulnerabilities by collaborating with the rest of the organization... ..., Git and similar. Responsibilities Manage the end-to-end engineering and integration of AI/ML-driven security solutions into our...SeniorFull timeTemporary workFlexible hours
$160k - $220k
...all–driving incredible value for our customers. Join us! The Security team at Zip is responsible for protecting the confidentiality and integrity of our customers’ data. As our first Application Security Engineer, you will take on a dynamic and high impact role. You will...SeniorHome officeFlexible hours- ...against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed... ..., or disability. Envision yourself at Barracuda As a Senior Application Security Engineer, you’ll help shape the future of our AppSec program....SeniorWorldwideFlexible hours
- * 5–8+ years in Application Security, Product Security, or Secure Software Development.* Hands-on experience securing CI/CD pipelines and source... ...and the ability to influence developers, DevOps engineers, and leadership.* Strong problem-solving skills with an automation...SeniorLocal area
$120k - $150k
...IDEXX Laboratories is seeking an Senior Application Security Engineer to join our Product & Application Security team protecting applications across development teams. This role combines hands‑on security testing with strategic partnership - you will conduct security...SeniorLocal area$93.6k - $157.56k
...Overview As someone experienced with securing a wide variety of applications, you are looking for an opportunity to use your skills in an innovative... ...technology-oriented environment. As an Application Security Engineer at Esri, you will fill a critical role in helping...Senior$5,250 per month
...innovative technology-driven B2B payments organization seeking a curious, inquisitive, highly skilled and motivated Senior Application Security Engineer to join our team. Our company values collaboration, creativity, and excellence in delivering cutting-edge solutions...Senior16 hoursTemporary workLocal area- ...ambition to build innovative technology that solves the next generation of engineering, manufacturing, and operational challenges for space security and sustainability. Your Mission As a Senior Application Security Engineer, you will be instrumental in implementing and...SeniorPermanent employmentShift work
- ...Senior Application Security Engineer This role has been designed as 'Hybrid' with an expectation that you will work on average 2 days per week from an HPE office. Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work...SeniorWork at office2 days per week
$165k - $190k
...Senior Application Security Engineer San Francisco, California, United States Tatari is on a mission to revolutionize TV advertising. Founded in 2016 to help transform the antiquated world of TV advertising through the intelligent application of AI and machine learning...SeniorWork at office2 days per week- ...Senior Application Security Engineer Poland The Tripadvisor Group connects people to experiences worth sharing, and aims to be the world's most trusted source for travel and experiences. We leverage our brands, technology, and capabilities to connect our global...SeniorPermanent employmentContract workRemote workWorldwideFlexible hours
- ...ServiceNow's leading workflow automation with Moveworks' Reasoning Engine and natural language capabilities, we deliver the AI... ...everyone. The Role Are you interested in being part of Application Security efforts at Moveworks? Do you enjoy collaborating closely with...SeniorWork at officeRemote workFlexible hours
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Application Security Engineer. Be the first to apply!
- application system engineer United States
- hydraulic application engineer United States
- application support engineer United States
- application engineering manager United States
- field applications engineer United States
- senior application security engineer United States
- application operations engineer United States
- application performance engineer United States
- network applications engineer United States
- senior application support engineer United States

