Application Security Engineer
$175k - $215kQuanata
About Quanata: Quanata is a premier, internationally recognized insurance technology innovation leader, cybersecurity trailblazer, and digital product pioneer on an absolute mission to help ensure a better world through sophisticated, context-based risk prediction and prevention software solutions. Blending elite Silicon Valley software talent and cutting-edge technical thinking with the stable, long-term funding and strategic backing of leading enterprise insurer State Farm, Quanata operates as a wholly owned high-growth subsidiary. Our distributed agile engineering groups build, manage, and scale a full-stack, flexible, and increasingly AI-native insurance software platform that empowers our primary clients, State Farm and HiRoad Assurance Company, to adapt seamlessly to changing consumer market demands. Prioritizing an inclusive, high-craft, and intensely positive workplace culture, Quanata thrives on giving its engineering teams the freedom to make a quantifiable structural impact on real-world systems. The company provides high-agency security engineers with an uncompromised remote canvas to leverage state-of-the-art secure development lifecycles, manipulate advanced automated vulnerability scanners, and govern cloud infrastructure safety models safely across the United States.
Position Overview
We are seeking a highly analytical, systems-minded Application Security Engineer to join our core centralized Security collective in a full-time remote capacity across the United States. In this high-leverage and tech-centric defensive seat, you will step up to claim true individual operational and strategic accountability for building secure-by-default products and services across our entire AI-native insurance technology platform. Shifting completely away from routine standalone firewall provisioning, monotone audit questionnaire checking, or passive baseline network monitoring, you will operate as a principal application defense architect—partnering face-to-face with Product and Software Engineering pods to shift security left into early application design phases. This position requires an enterprise tech or SaaS application security veteran with 4 to 6+ years of software engineering depth who codes automated security guardrails fluidly natively using Cybersecurity parameters, audits web codebases for logic flaws smoothly natively using QA Engineer inspection playbooks, and commands advanced threat modeling methodologies confidently under shifting production deadlines.
Key Responsibilities
- SDLC Security Automation and Architecture: Design, develop, and implement automated security testing guardrails, static/dynamic code analysis workflows (SAST/DAST), and dependency validation gates across our continuous deployment tracks cleanly natively utilizing Cybersecurity guidelines.
- Advanced Platform Threat Modeling: Lead comprehensive threat modeling exercises across complex, distributed software systems, leveraging methodologies like STRIDE or PASTA to isolate architectural vulnerabilities early in product discovery cycles.
- Meticulous Secure Code Auditing: Review pull requests, conduct deep semantic secure code reviews, and perform thorough application security assessments natively leveraging QA Engineer frameworks to eliminate potential application injection patterns, logical auth bypasses, or data leakage bugs.
- Vulnerability Management and Triage: Investigate, categorize, prioritize, and drive the systematic remediation of application security vulnerabilities, coordinating remediation tracks alongside software development cells.
- Secure Coding Advocacy and Coaching: Foster a secure development culture across the technical group, driving interactive secure coding training, engineering workshops, and proactive technical threat awareness initiatives.
- Compliance and Privacy Risk Management: Partner in lockstep with distributed Data Privacy, Security Operations, and Corporate Business Assurance teams to ensure platform compliance with strict insurance industry data rules and risk management objectives.
- Security Documentation and Standards Curation: Formulate, document, and maintain highly clear, scalable application security standards, procedural manuals, and secure-by-design baseline playbooks implemented across all engineering cells.
- AI Ecosystem and LLM Security Hardening: Research, model, and deploy specific defensive guardrails tailored to AI models, tracking emerging vector spaces including Large Language Model (LLM) top risks, injection strains, and prompt engineering leaks.
Required Skills & Qualifications
- A minimum of 4 to 6 years of verified professional history running advanced software engineering, application security consulting, penetration testing, distributed cloud security programming, or technical systems auditing.
- Mandatory Field Focus Depth: A minimum of 2 years of documented experience explicitly focused on application security engineering tracks, showing a history of partnering directly with software development teams to eliminate application layer risks.
- Deep, authoritative technical command of modern secure-by-design software development principles, containerization risks, cloud application patterns, and cryptography basics.
- Expert-tier capability writing security scanning macros, deploying automated pipelines, and configuring code parsers natively utilizing Cybersecurity tools.
- Practical operational familiarity parsing software testing registries, tracking vulnerability matrices, and running automated regression logic natively using QA Engineer protocols.
- Comprehensive familiarity with standard application security frameworks, requiring deep functional command of OWASP Top 10, ASVS, and MASVS guidelines.
- Hands-on programming proficiency in at least one modern programming language (such as Python, Java, Go, or JavaScript) alongside deep familiarity with its specific security ecosystem, library flaws, and package management constraints.
- Outstanding written, verbal, and interpersonal communication attributes in fluent English, enabling total confidence when explaining abstract technical risks or influencing cross-functional engineering leads.
- Location Context: Position open exclusively to qualified application security engineers based permanently and resident within the United States to operate under a remote-first layout (excluding U.S. territories), with core mandatory collaboration meeting hours running from 9:00 AM to 2:00 PM Pacific Time daily.
Preferred Strategic Indicators (Nice to Have)
- Possession of a recognized, industry-vetted technical security credential, such as a CSSLP, GWEB, OSWE, or closely related penetration testing certification.
- Prior commercial security engineering background operating explicitly within highly regulated environments, such as insurtech ecosystems, financial services SaaS platforms, fintech gateways, or healthcare records architectures.
- Advanced hands-on experience executing dynamic mobile application security testing (iOS/Android tracking) or running live web penetration testing events.
- Active, documented involvement in the global cybersecurity community through open-source contributions, developer mentoring, security publications, or conference presentations.
What We Offer
- Enterprise-Backed Silicon Valley Salaried Blueprint: An highly attractive full-time base salary package structured transparently between $175,000 and $215,000 USD per year , calibrated precisely to evaluate your application security authority and automation craft depth.
- The exceptional professional canvas to claim absolute technical ownership over the application security systems protecting a hyper-growth AI-native InsurTech platform fully backed by State Farm.
- Profound work-from-home remote parameters offering a remote-first layout across America, complete scheduling trust outside core meeting frames, and zero physical geographic commuting friction (with voluntary physical office access available for candidates resident near San Francisco, CA or Providence, RI).
- An exceptional **$2,000 USD One-Time Payment Workspace Stipend** provided immediately upon hire to fully furnish your remote office layout, paired with a brand-new, fully provisioned corporate MacBook Pro delivered straight to your home.
- Immediate baseline access to premium comprehensive corporate healthcare and family balance benefits, including robust medical, dental, and vision packages for you and your dependents, supplemental income tracks, and a company matching 401(k) plan.
- Access to elite mental health and wellness provisions, featuring a premium subscription to the Headspace application and a recurring monthly monetary wellness allowance.
- Generous time-off benefits, including an accrual of 4 weeks of paid vacation (PTO) in your very first year of employment, alongside 12 weeks of fully paid parental leave available to both birthing and non-birthing parents alike.
- Unmatched career and personal development upskilling systems, offering up to **$5,000 USD cash every single year** to finance external professional learning courses or continuing education, a full subscription to LinkedIn Learning, and advanced professional coaching tracks managed through BetterUp.
$85.7k - $125.69k
Role Description The Application Security Engineer is responsible for securing the software and applications that Credit Acceptance builds, buys, and operates. This role partners closely with engineering, product, architecture, and business teams to ensure that applications...SuggestedFull timeWork at officeWork from homeShift work$190k - $273k
Role Description The Senior Application Security Engineer II is a senior individual contributor responsible for strengthening Apollo’s secure software development lifecycle and reducing application risk across product, platform, and AI-powered features. This role blends...SuggestedFull timeFlexible hours$120k - $258.5k
Role Description Nordstrom is building a new Application Security team, built on a simple idea: teams shouldn’t have to choose between moving... ...of Application Security and partner closely with product engineering and DevOps, alongside our security peers in pentest, attack...SuggestedFull time$175k - $215k
Role Description We're looking for an Application Security Engineer to help build secure-by-default products and services across Quanata's AI-native insurance technology platform. In this role, you'll partner closely with Product, Engineering, and Security teams to identify...SuggestedExtra incomeFull timeHome officeShift work$157k - $216k
Role Description AlphaSense is investing in the next generation of our Application Security capability, a continuous, AI-augmented, layered defense program built for a SaaS engineering organization where AI agents and human developers ship code side by side at high velocity...SuggestedFull timeRemote work$135.9k - $203.9k
...Startups to global organizations, build secure, high-quality software faster and... ...position will implement our industry-leading Application Security products and solutions within... ...You will work alongside our sales, sales engineering, customer success managers, product...Full timeRemote workWork from home$180k - $215k
Role Description Monarch is seeking a Senior Application Security Engineer to join our Security Engineering team during a period of rapid growth. Reporting to the Head of Engineering Infrastructure, you will be a hands-on practitioner embedded across our product and engineering...Full timeWork at officeRemote workWeekend work$111k - $144.4k
Role Description The Sr. Application Security Engineer is responsible for validating that application services are designed and implemented with high security standards. The role analyzes the security of applications in tandem with their underlying services, including connected...Full timeTemporary workWork experience placement- Role Description The primary responsibility of the Application Security Engineer – Cyber Security is to design, implement, and support the company’s overall information security infrastructure. This engineer sits at the intersection of application security, platform engineering...Full timeRemote work
- Role Description As an Application Security Engineer at Oneleet, you'll bring security depth to our product engineering teams as we expand our cybersecurity platform. You'll own the security judgment layer that sits between raw tooling output and what our customers actually...Full timeRemote work
- Role Description GuidePoint Security offers an inclusive set of Application Security services helping clients implement, fine tune and run their Application Security SAST, DAST and SCA tools. Many clients need assistance with either supplementing their Application Security...Full timeRemote workFlexible hours
- Role Description The Application Security Engineer plays a crucial role in securing our growing portfolio of applications. This role will focus on integrating security best practices into the Software Development Lifecycle (SDLC), ensuring compliance with regulatory requirements...Full time
$125.6k - $172.7k
Role Description As an Application Security Engineer at Solventum, you will: ~Join a team of cybersecurity professionals motivated to secure Solventum's healthcare information systems and the personal health information of our clients and their patients. ~Operate and...Full timeFlexible hours$192k - $240k
Role Description As a Senior Application Security Engineer, you will focus on finding and responding to security vulnerabilities across the Brex platform. In this role, you will: ~Perform code reviews, design reviews, penetration testing, and vulnerability management....Full timeWork experience placement$180k - $210k
Role Description We're hiring a Senior Application Security Engineer to join a small, high-leverage AppSec team. This is a deep-technical IC role with a staff-leaning scope: ~Set the technical direction and own delivery on how we find, fix, and prevent vulnerabilities...Full timeFlexible hours- Role Description Our team is growing and we're hiring a Senior Application Security Engineer to join our engineering team and enable our next phase of growth. Canary's engineering team is fully remote! This role focuses on embedding security into the software development...Full timeRemote work
$156.9k - $229.7k
Role Description As a Senior Application Security Engineer, you will be a core technical advisor for securing GFiber’s applications and development ecosystems. You will partner closely with engineering teams to: ~Review code, secure software delivery pipelines, and design...Full time- Role Description We're looking for a Senior Application Security Engineer to help build and mature our application security program. You'll be a hands-on technical leader embedded across our engineering organization, working with developers to embed security into the SDLC...Full timeWorldwide
- ...this position will be a contributor to DevSecOps and overall application security initiatives in Ellucian. ~Analyze the security of... ...security training for product owners, business analysts, test engineers, and developers. ~Lead ongoing process and policy improvement...Full timeFlexible hours
$155k - $175k
Role Description The Senior Application Security Engineer is a hands-on technical leader responsible for securing Lumin Digital’s B2B2C SaaS platform across the full software development lifecycle. This role exists at the intersection of application security and AI-augmented...Full timeRemote workFlexible hours$180k - $200k
...Description Here at Virtru you'll join an innovative product security team that is helping secure some of the world's most... ...core, functions in a wide range of threat models. As an application security engineer you will help our engineering teams maintain and develop...Full timeFlexible hours$120k - $145k
Role Description Parallels is seeking a highly motivated and talented Application Security Engineer to join our team. In this role, you will make security decisions that impact millions of our customers while gaining hands-on experience in exploit development and CVE discovery...Full timeRemote work$100k - $140k
Role Description Zocdoc’s most important asset is our people. As an Application Security Engineer, you’ll play a meaningful role in helping our development organization build secure software with confidence. In this role, you’ll work closely with our Compliance, Security...Full timeFlexible hours- Role Description The primary responsibility of the Senior Application Security Engineer (AI-First Development) is to design, orchestrate, and validate the offensive security tooling and adversary-emulation capabilities used to find, prove, and help remediate exploitable...Full timeFlexible hours
- Role Description As a Senior Application Security Engineer, you’ll help shape the future of our AppSec program. You’ll work effectively and efficiently in a small, high-impact team, bringing a sense of ownership and community. You ’ll have the opportunity to learn quickly...Full timeFlexible hours
$97.1k - $161.8k
...for capturing and refining information security requirements and ensures their integration... ...in the areas of secure coding, application authentication, encryption, and quickly... ...areas as needed. ~Develop and implement engineering’s technical security policies and procedures...Full timeWork experience placementWorldwide- ...Application Security Engineer One of our large financial clients is looking for an experienced Application Security Engineer to join their team. If the below requirements fit your skillset, feel free to apply. Duration: Long Term/Multi Year Contract Location:...Long term contractRemote work
$175k
...Overview Corporate Tools is hiring an Security Engineer for $175,000/year. You will be a traditional company employee. This is a remote... ...of security knowledge of testing mobile, native applications, web applications, distributed and database systems ~ Must...Full timeWork at officeLocal areaRemote workFlexible hoursWeekend work- ...Application Security AI Engineer Remote 1 year with possible extension Must haves: 3 plus years Code scanning experience, 3 plus years open source scanning, and 3 plus years dynamic and static scanning The Application Security AI Engineer...Remote work
$110k
...Job Seekers can review the Job Applicant Privacy Policy by clicking here ( . Job Description : SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must...Full time
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Application Security Engineer. Be the first to apply!
- senior application support engineer Remote
- application performance engineer Remote
- application support engineer Remote
- network applications engineer Remote
- field applications engineer Remote
- application security engineer Remote
- senior application security engineer Remote
- technical application engineer Remote
- application engineer Remote
- project application engineer Remote













