Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Application Security Engineer

$175k - $215k
Full-time

Quanata

About Quanata: Quanata is a premier, internationally recognized insurance technology innovation leader, cybersecurity trailblazer, and digital product pioneer on an absolute mission to help ensure a better world through sophisticated, context-based risk prediction and prevention software solutions. Blending elite Silicon Valley software talent and cutting-edge technical thinking with the stable, long-term funding and strategic backing of leading enterprise insurer State Farm, Quanata operates as a wholly owned high-growth subsidiary. Our distributed agile engineering groups build, manage, and scale a full-stack, flexible, and increasingly AI-native insurance software platform that empowers our primary clients, State Farm and HiRoad Assurance Company, to adapt seamlessly to changing consumer market demands. Prioritizing an inclusive, high-craft, and intensely positive workplace culture, Quanata thrives on giving its engineering teams the freedom to make a quantifiable structural impact on real-world systems. The company provides high-agency security engineers with an uncompromised remote canvas to leverage state-of-the-art secure development lifecycles, manipulate advanced automated vulnerability scanners, and govern cloud infrastructure safety models safely across the United States.

Position Overview

We are seeking a highly analytical, systems-minded Application Security Engineer to join our core centralized Security collective in a full-time remote capacity across the United States. In this high-leverage and tech-centric defensive seat, you will step up to claim true individual operational and strategic accountability for building secure-by-default products and services across our entire AI-native insurance technology platform. Shifting completely away from routine standalone firewall provisioning, monotone audit questionnaire checking, or passive baseline network monitoring, you will operate as a principal application defense architect—partnering face-to-face with Product and Software Engineering pods to shift security left into early application design phases. This position requires an enterprise tech or SaaS application security veteran with 4 to 6+ years of software engineering depth who codes automated security guardrails fluidly natively using Cybersecurity parameters, audits web codebases for logic flaws smoothly natively using QA Engineer inspection playbooks, and commands advanced threat modeling methodologies confidently under shifting production deadlines.

Key Responsibilities

  • SDLC Security Automation and Architecture: Design, develop, and implement automated security testing guardrails, static/dynamic code analysis workflows (SAST/DAST), and dependency validation gates across our continuous deployment tracks cleanly natively utilizing Cybersecurity guidelines.
  • Advanced Platform Threat Modeling: Lead comprehensive threat modeling exercises across complex, distributed software systems, leveraging methodologies like STRIDE or PASTA to isolate architectural vulnerabilities early in product discovery cycles.
  • Meticulous Secure Code Auditing: Review pull requests, conduct deep semantic secure code reviews, and perform thorough application security assessments natively leveraging QA Engineer frameworks to eliminate potential application injection patterns, logical auth bypasses, or data leakage bugs.
  • Vulnerability Management and Triage: Investigate, categorize, prioritize, and drive the systematic remediation of application security vulnerabilities, coordinating remediation tracks alongside software development cells.
  • Secure Coding Advocacy and Coaching: Foster a secure development culture across the technical group, driving interactive secure coding training, engineering workshops, and proactive technical threat awareness initiatives.
  • Compliance and Privacy Risk Management: Partner in lockstep with distributed Data Privacy, Security Operations, and Corporate Business Assurance teams to ensure platform compliance with strict insurance industry data rules and risk management objectives.
  • Security Documentation and Standards Curation: Formulate, document, and maintain highly clear, scalable application security standards, procedural manuals, and secure-by-design baseline playbooks implemented across all engineering cells.
  • AI Ecosystem and LLM Security Hardening: Research, model, and deploy specific defensive guardrails tailored to AI models, tracking emerging vector spaces including Large Language Model (LLM) top risks, injection strains, and prompt engineering leaks.

Required Skills & Qualifications

  • A minimum of 4 to 6 years of verified professional history running advanced software engineering, application security consulting, penetration testing, distributed cloud security programming, or technical systems auditing.
  • Mandatory Field Focus Depth: A minimum of 2 years of documented experience explicitly focused on application security engineering tracks, showing a history of partnering directly with software development teams to eliminate application layer risks.
  • Deep, authoritative technical command of modern secure-by-design software development principles, containerization risks, cloud application patterns, and cryptography basics.
  • Expert-tier capability writing security scanning macros, deploying automated pipelines, and configuring code parsers natively utilizing Cybersecurity tools.
  • Practical operational familiarity parsing software testing registries, tracking vulnerability matrices, and running automated regression logic natively using QA Engineer protocols.
  • Comprehensive familiarity with standard application security frameworks, requiring deep functional command of OWASP Top 10, ASVS, and MASVS guidelines.
  • Hands-on programming proficiency in at least one modern programming language (such as Python, Java, Go, or JavaScript) alongside deep familiarity with its specific security ecosystem, library flaws, and package management constraints.
  • Outstanding written, verbal, and interpersonal communication attributes in fluent English, enabling total confidence when explaining abstract technical risks or influencing cross-functional engineering leads.
  • Location Context: Position open exclusively to qualified application security engineers based permanently and resident within the United States to operate under a remote-first layout (excluding U.S. territories), with core mandatory collaboration meeting hours running from 9:00 AM to 2:00 PM Pacific Time daily.

Preferred Strategic Indicators (Nice to Have)

  • Possession of a recognized, industry-vetted technical security credential, such as a CSSLP, GWEB, OSWE, or closely related penetration testing certification.
  • Prior commercial security engineering background operating explicitly within highly regulated environments, such as insurtech ecosystems, financial services SaaS platforms, fintech gateways, or healthcare records architectures.
  • Advanced hands-on experience executing dynamic mobile application security testing (iOS/Android tracking) or running live web penetration testing events.
  • Active, documented involvement in the global cybersecurity community through open-source contributions, developer mentoring, security publications, or conference presentations.

What We Offer

  • Enterprise-Backed Silicon Valley Salaried Blueprint: An highly attractive full-time base salary package structured transparently between $175,000 and $215,000 USD per year , calibrated precisely to evaluate your application security authority and automation craft depth.
  • The exceptional professional canvas to claim absolute technical ownership over the application security systems protecting a hyper-growth AI-native InsurTech platform fully backed by State Farm.
  • Profound work-from-home remote parameters offering a remote-first layout across America, complete scheduling trust outside core meeting frames, and zero physical geographic commuting friction (with voluntary physical office access available for candidates resident near San Francisco, CA or Providence, RI).
  • An exceptional **$2,000 USD One-Time Payment Workspace Stipend** provided immediately upon hire to fully furnish your remote office layout, paired with a brand-new, fully provisioned corporate MacBook Pro delivered straight to your home.
  • Immediate baseline access to premium comprehensive corporate healthcare and family balance benefits, including robust medical, dental, and vision packages for you and your dependents, supplemental income tracks, and a company matching 401(k) plan.
  • Access to elite mental health and wellness provisions, featuring a premium subscription to the Headspace application and a recurring monthly monetary wellness allowance.
  • Generous time-off benefits, including an accrual of 4 weeks of paid vacation (PTO) in your very first year of employment, alongside 12 weeks of fully paid parental leave available to both birthing and non-birthing parents alike.
  • Unmatched career and personal development upskilling systems, offering up to **$5,000 USD cash every single year** to finance external professional learning courses or continuing education, a full subscription to LinkedIn Learning, and advanced professional coaching tracks managed through BetterUp.
Vacancy posted 7 days ago
Similar jobs that could be interesting for youBased on the Application Security Engineer in Remote vacancy
  • $85.7k - $125.69k

    Role Description The Application Security Engineer is responsible for securing the software and applications that Credit Acceptance builds, buys, and operates. This role partners closely with engineering, product, architecture, and business teams to ensure that applications... 
    Suggested
    Full time
    Work at office
    Work from home
    Shift work

    Credit Acceptance

    Remote
    4 days ago
  • $190k - $273k

    Role Description The Senior Application Security Engineer II is a senior individual contributor responsible for strengthening Apollo’s secure software development lifecycle and reducing application risk across product, platform, and AI-powered features. This role blends... 
    Suggested
    Full time
    Flexible hours

    Apollo.io

    Remote
    5 days ago
  • $120k - $258.5k

    Role Description Nordstrom is building a new Application Security team, built on a simple idea: teams shouldn’t have to choose between moving...  ...of Application Security and partner closely with product engineering and DevOps, alongside our security peers in pentest, attack... 
    Suggested
    Full time

    Nordstrom

    Remote
    3 days ago
  • $175k - $215k

    Role Description We're looking for an Application Security Engineer to help build secure-by-default products and services across Quanata's AI-native insurance technology platform. In this role, you'll partner closely with Product, Engineering, and Security teams to identify... 
    Suggested
    Extra income
    Full time
    Home office
    Shift work

    Quanata

    Remote
    2 days ago
  • $157k - $216k

    Role Description AlphaSense is investing in the next generation of our Application Security capability, a continuous, AI-augmented, layered defense program built for a SaaS engineering organization where AI agents and human developers ship code side by side at high velocity... 
    Suggested
    Full time
    Remote work

    AlphaSense

    Remote
    7 days ago
  • $135.9k - $203.9k

     ...Startups to global organizations, build secure, high-quality software faster and...  ...position will implement our industry-leading Application Security products and solutions within...  ...You will work alongside our sales, sales engineering, customer success managers, product... 
    Full time
    Remote work
    Work from home

    Black Duck Software

    Remote
    55 minutes ago
  • $180k - $215k

    Role Description Monarch is seeking a Senior Application Security Engineer to join our Security Engineering team during a period of rapid growth. Reporting to the Head of Engineering Infrastructure, you will be a hands-on practitioner embedded across our product and engineering... 
    Full time
    Work at office
    Remote work
    Weekend work

    Monarch Money

    Remote
    4 days ago
  • $111k - $144.4k

    Role Description The Sr. Application Security Engineer is responsible for validating that application services are designed and implemented with high security standards. The role analyzes the security of applications in tandem with their underlying services, including connected... 
    Full time
    Temporary work
    Work experience placement

    CubiCasa

    Remote
    55 minutes ago
  • Role Description The primary responsibility of the Application Security Engineer – Cyber Security is to design, implement, and support the company’s overall information security infrastructure. This engineer sits at the intersection of application security, platform engineering... 
    Full time
    Remote work

    Las Vegas Sands Corp.

    Remote
    7 days ago
  • Role Description As an Application Security Engineer at Oneleet, you'll bring security depth to our product engineering teams as we expand our cybersecurity platform. You'll own the security judgment layer that sits between raw tooling output and what our customers actually... 
    Full time
    Remote work

    Oneleet

    Remote
    2 days ago
  • Role Description GuidePoint Security offers an inclusive set of Application Security services helping clients implement, fine tune and run their Application Security SAST, DAST and SCA tools. Many clients need assistance with either supplementing their Application Security... 
    Full time
    Remote work
    Flexible hours

    GuidePoint Security

    Remote
    4 days ago
  • Role Description The Application Security Engineer plays a crucial role in securing our growing portfolio of applications. This role will focus on integrating security best practices into the Software Development Lifecycle (SDLC), ensuring compliance with regulatory requirements... 
    Full time

    H.W. Kaufman Group

    Remote
    1 day ago
  • $125.6k - $172.7k

    Role Description As an Application Security Engineer at Solventum, you will: ~Join a team of cybersecurity professionals motivated to secure Solventum's healthcare information systems and the personal health information of our clients and their patients. ~Operate and... 
    Full time
    Flexible hours

    SOLVENTUM

    Remote
    8 days ago
  • $192k - $240k

    Role Description As a Senior Application Security Engineer, you will focus on finding and responding to security vulnerabilities across the Brex platform. In this role, you will: ~Perform code reviews, design reviews, penetration testing, and vulnerability management.... 
    Full time
    Work experience placement

    Brex

    Remote
    5 days ago
  • $180k - $210k

    Role Description We're hiring a Senior Application Security Engineer to join a small, high-leverage AppSec team. This is a deep-technical IC role with a staff-leaning scope: ~Set the technical direction and own delivery on how we find, fix, and prevent vulnerabilities... 
    Full time
    Flexible hours

    Qualia

    Remote
    3 days ago
  • Role Description Our team is growing and we're hiring a Senior Application Security Engineer to join our engineering team and enable our next phase of growth. Canary's engineering team is fully remote! This role focuses on embedding security into the software development... 
    Full time
    Remote work

    Canary Technologies Corp

    Remote
    55 minutes ago
  • $156.9k - $229.7k

    Role Description As a Senior Application Security Engineer, you will be a core technical advisor for securing GFiber’s applications and development ecosystems. You will partner closely with engineering teams to: ~Review code, secure software delivery pipelines, and design... 
    Full time

    GFiber

    Remote
    6 hours ago
  • Role Description We're looking for a Senior Application Security Engineer to help build and mature our application security program. You'll be a hands-on technical leader embedded across our engineering organization, working with developers to embed security into the SDLC... 
    Full time
    Worldwide

    Hyland

    Remote
    5 days ago
  •  ...this position will be a contributor to DevSecOps and overall application security initiatives in Ellucian. ~Analyze the security of...  ...security training for product owners, business analysts, test engineers, and developers. ~Lead ongoing process and policy improvement... 
    Full time
    Flexible hours

    Ellucian

    Remote
    4 days ago
  • $155k - $175k

    Role Description The Senior Application Security Engineer is a hands-on technical leader responsible for securing Lumin Digital’s B2B2C SaaS platform across the full software development lifecycle. This role exists at the intersection of application security and AI-augmented... 
    Full time
    Remote work
    Flexible hours

    Lumin Digital

    Remote
    55 minutes ago
  • $180k - $200k

     ...Description Here at Virtru you'll join an innovative product security team that is helping secure some of the world's most...  ...core, functions in a wide range of threat models. As an application security engineer you will help our engineering teams maintain and develop... 
    Full time
    Flexible hours

    Virtru

    Remote
    5 days ago
  • $120k - $145k

    Role Description Parallels is seeking a highly motivated and talented Application Security Engineer to join our team. In this role, you will make security decisions that impact millions of our customers while gaining hands-on experience in exploit development and CVE discovery... 
    Full time
    Remote work

    Parallels Inc

    Remote
    2 days ago
  • $100k - $140k

    Role Description Zocdoc’s most important asset is our people. As an Application Security Engineer, you’ll play a meaningful role in helping our development organization build secure software with confidence. In this role, you’ll work closely with our Compliance, Security... 
    Full time
    Flexible hours

    Zocdoc

    Remote
    1 day ago
  • Role Description The primary responsibility of the Senior Application Security Engineer (AI-First Development) is to design, orchestrate, and validate the offensive security tooling and adversary-emulation capabilities used to find, prove, and help remediate exploitable... 
    Full time
    Flexible hours

    Las Vegas Sands Corp.

    Remote
    1 day ago
  • Role Description As a Senior Application Security Engineer, you’ll help shape the future of our AppSec program. You’ll work effectively and efficiently in a small, high-impact team, bringing a sense of ownership and community. You’ll have the opportunity to learn quickly... 
    Full time
    Flexible hours

    Barracuda Networks Inc.

    Remote
    7 days ago
  • $97.1k - $161.8k

     ...for capturing and refining information security requirements and ensures their integration...  ...in the areas of secure coding, application authentication, encryption, and quickly...  ...areas as needed. ~Develop and implement engineering’s technical security policies and procedures... 
    Full time
    Work experience placement
    Worldwide

    M&T Bank

    Remote
    55 minutes ago
  •  ...Application Security Engineer One of our large financial clients is looking for an experienced Application Security Engineer to join their team. If the below requirements fit your skillset, feel free to apply. Duration: Long Term/Multi Year Contract Location:... 
    Long term contract
    Remote work

    Software Technology Inc

    United States
    4 days ago
  • $175k

     ...Overview Corporate Tools is hiring an Security Engineer for $175,000/year. You will be a traditional company employee. This is a remote...  ...of security knowledge of testing mobile, native applications, web applications, distributed and database systems ~ Must... 
    Full time
    Work at office
    Local area
    Remote work
    Flexible hours
    Weekend work

    Corporate Tools

    United States
    18 hours ago
  •  ...Application Security AI Engineer Remote 1 year with possible extension Must haves: 3 plus years Code scanning experience, 3 plus years open source scanning, and 3 plus years dynamic and static scanning The Application Security AI Engineer... 
    Remote work

    TriOptus LLC

    United States
    6 days ago
  • $110k

     ...Job Seekers can review the Job Applicant Privacy Policy by clicking here ( . Job Description : SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must... 
    Full time

    Ryder

    Columbus, OH
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Application Security Engineer. Be the first to apply!