Senior Cloud-Native Application Security Engineer

Location San Francisco, CA Employment Type Full time Department Engineering Compensation $176K – $220K For cash compensation, we set standard ranges for all U.S.-based roles based on function, level, and geographic location, benchmarked against similar stage growth companies. In order to be compliant with local legislation, as well as to provide greater transparency to candidates, we share salary ranges on all job postings regardless of desired hiring location. Final offer amounts are determined by multiple factors, including geographic location as well as candidate experience and expertise, and may vary from the amounts listed above. Senior Application Security Engineer At Handshake, we believe security should be built into the product, not layered on after the fact. We're looking for a Senior Application Security Engineer who’s excited to shape how security shows up in the developer experience, and enable our engineering teams to ship secure code without compromising on velocity. About the Role As a Senior Application Security Engineer, you'll play a critical role in protecting Handshake’s users and their data. You'll work closely with our engineering, platform, and cloud teams to make the secure way the easy way and embed security directly into how software gets designed, written, and shipped. This role is on our Cloud Security squad on our Infra & Platform team and is an engineering forward role. You’ll be building systems, tools, and automation that make secure development the default. You’ll bring a modern, opinionated perspective on how application security should work in a cloud-native, AI-enabled environment. What You'll Do Own and grow key areas of our Secure Software Development Lifecycle (SDLC) like threat modeling, security reviews, and vulnerability management. Work collaboratively with and be a trusted partner for engineering teams. Eliminate whole classes of vulnerabilities by building secure by default libraries and tools into our platform. Raise the bar for security awareness by teaching others and sharing your knowledge through Design and build developer facing tooling to help engineers identify and fix security issues before they make it to production. Scale your impact and security knowledge by teaching others, automating processes, and leveraging AI and agentic tooling. Balance security and speed by using your judgement and expertise to add the right amount of security to our SDLC. Help respond to potential security incidents as a member of the security on-call rotation. What We're Looking For A builder mindset and experience working on large codebases and safely shipping code to production. Strong understanding of common application security risks (OWASP Top 10) and how to mitigate them. A pragmatic and empathetic approach to security controls that favors guidance over blocking and influence over mandates. Strong communication skills and the ability to communicate security risks and tradeoffs to both technical and non-technical audiences. Experience with threat modeling and risk assessments. Familiarity with securing and running software in a major cloud provider. Curiosity and a desire to use AI and agenting tooling to scale your and the security team’s impact. Nice to Haves Experience working in Google Cloud (GCP) Experience writing production code in the most popular languages at Handshake: Ruby, Typescript and Go. Experience building agentic systems to solve security problems. Why This Role You’ll have real ownership over how application security is built and scaled at Handshake. This role sits at the intersection of security, developer experience, and AI, with the opportunity to define how all three come together. As part of a fast paced and growing business you will regularly get to work on new and interesting problems. If you care about building systems (not just processes), enjoy working closely with engineers, and want to rethink what modern application security looks like, we’d love to hear from you. Perks Handshake delivers benefits that help you feel supported—and thrive at work and in life. The below benefits are for full-time US employees. Ownership: Equity in a fast-growing company Financial Wellness: 401(k) match, competitive compensation, financial coaching Family Support: Paid parental leave, fertility benefits, parental coaching Wellbeing: Medical, dental, and vision, mental health support, wellness stipend Growth: Learning stipend, ongoing development Remote & Office: Internet, commuting, and free lunch/gym in our SF office Time Off: Flexible PTO, 15 holidays + 2 flex days Connection: Team outings & referral bonuses Explore our mission, values, and comprehensive US benefits at joinhandshake.com/careers . Compensation Range: $176K - $220K #J-18808-Ljbffr Cacheflow