Senior Application Security Engineer
$180k - $210kQualia
At Qualia, we've built the leading B2B real estate technology that transforms the home buying and selling experience into a simple, secure, and enjoyable process. Our SMB and Enterprise products bring together users from across the real estate ecosystem---homebuyers and sellers, lenders, title and escrow agents, and real estate agents---onto a single shared digital closing platform, providing greater clarity and transparency to real estate transactions. Today, through our business customers across the country, millions of consumers use Qualia to close on homes every year.
WHAT YOU'LL WORK ON
We're hiring a Senior Application Security Engineer to join a small, high-leverage AppSec team. This is a deep-technical IC role with a staff-leaning scope: you'll set the technical direction and own delivery on how we find, fix, and prevent vulnerabilities across Qualia's products and cloud infrastructure, and you'll be the person other engineers want in the room when an architecture decision has a security dimension.
You'll partner daily with product engineering, infrastructure, and platform teams, and you'll work closely alongside our existing AppSec engineers - raising the technical bar of the team while staying deeply hands-on with code, tooling, and adversarial testing. This is the right role for someone who is as comfortable writing a Burp extension or a Semgrep rule as they are pairing with a product engineer to land a fix.
RESPONSIBILITIES
Run offensive assessments against Qualia's applications and infrastructure: manual penetration testing, exploit development, authenticated web/API testing, and adversarial review of new designs before they ship
Lead threat modeling and secure design review for the highest-risk initiatives across the company, and mentor engineers to do the same for their own work
Own and evolve our AppSec tooling stack end-to-end - SAST, DAST, SCA, secret scanning, IaC scanning, and the CI/CD gates that tie them together. Build the custom rules, detections, and automation that generic tooling doesn't give us
Harden our cloud posture: review AWS configurations, IAM policies, Kubernetes/EKS workloads, and networking boundaries; build automation and guardrails that prevent the same class of issue from recurring
Reduce toil for the team - write the tools, scripts, and integrations that turn a day of triage into a few minutes
Partner with Infrastructure and Platform on detection engineering, incident response support, and cross-cutting programs (secrets management, supply chain, runtime security)
Set the technical bar for the AppSec team: raise the quality of reviews, establish patterns others can reuse, and mentor peers across seniority levels
Represent AppSec in architectural reviews, vendor evaluations, and compliance efforts
YOUR BACKGROUND THAT LIKELY MAKES YOU A MATCH
8+ years of hands-on experience in application security, offensive security, or security engineering, with demonstrable depth in at least two of: offensive testing, security tooling/automation, and cloud/infra security
Strong offensive skills - you can manually exploit real web and API vulnerabilities beyond what a scanner will find, and you can teach others to do the same
Deep familiarity with building and operating security tooling in a modern engineering org: SAST/DAST/SCA pipelines, custom detection rules, secrets scanning, and CI/CD security gates. You've written tooling, not just configured it
Production experience with AWS (IAM, VPC, networking, data services), containerized workloads (Docker, Kubernetes/EKS), and infrastructure-as-code (Terraform or similar)
Comfort reading, reviewing, and contributing code in at least one language common to modern web stacks (Python, Go, Ruby, TypeScript, or similar)
Clear, direct communication style. You can make a sharp technical argument to senior engineers, translate risk into business terms for leadership, and write a bug report an engineer actually wants to fix
Strong partnership instincts - you get leverage by making other teams faster, not by blocking them
NICE TO HAVE
Experience in fintech, proptech, healthcare, or another regulated industry where data sensitivity is high
Background meaningfully contributing to a bug bounty program
Experience with identity and access systems (OIDC, SAML, federation, fine-grained authorization)
Detection engineering, DFIR, or red-team experience
Open source contributions to security tooling, published research, or CVE credits
Relevant certifications (OSCP, OSWE, GWAPT, GPEN, etc.) - valued but not required
While this role is remote work eligible, we have three office locations: San Francisco, California; Concord, New Hampshire; and Austin, Texas.
This role has a base annual salary of $180,000-$210,000 plus a competitive equity and benefits package. (Salary to be determined by relevant experience, location, knowledge, and skills of the applicant, internal equity, and alignment with market data.)
WHY QUALIA
Qualia is made up of incredibly bright, mission-driven coworkers who are passionate about using technology to solve real-world problems---and we're growing quickly. In order to continue building an engaging and dynamic organization, we're committed to giving everyone the support they need to do great work.
Our benefits package is designed to allow our team members to be their best selves, both in and out of the workplace. In addition to comprehensive health plans, a 401k program, and commuter benefits, we prioritize family and personal well-being through professional development, parental leave, and a flexible time off policy. Qualia offers a robust online onboarding program to train new hires, biweekly all hands meetings, and a variety of internal virtual events to keep employees connected.
We believe diverse perspectives and backgrounds are critical to building great technology, and our goal is to cultivate an environment where people feel equally valued and respected. Qualia is proud to be an equal-opportunity workplace, and we welcome applicants from all backgrounds regardless of race, color, ancestry, religion, gender identity or expression, sexual orientation, marital status, age, citizenship, socioeconomic status, disability, or veteran status.
By submitting your application, you acknowledge and agree to the collection, processing, and use of your personal information as described in our Employee Data Privacy Notice .
#LI-Remote
- ...About the role We're looking for a Senior Application Security Engineer to help keep Tangem's products secure. You'll focus on finding security issues in our web applications, backend services, and APIs before attackers do. You'll work closely with developers, review...SeniorRemote work
$140k - $160k
...Senior Application Security Engineer Chicago, Illinois 100% Remote Full Time $140k - $160k A consulting company is looking to bring on a hands on a Senior Application Security Engineer to work with clients on new development. You'll perform code reviews,...SeniorFull timeRemote work- ...Security Engineer 6–8+ years of experience in Application Security, Product Security, or DevOps with a strong security focus. Extensive hands-on experience with SAST, SCA, DAST, IaC scanning, and integrating security tools into modern CI/CD pipelines. Proven ability...SeniorRemote work
$160k - $220k
...all–driving incredible value for our customers. Join us! The Security team at Zip is responsible for protecting the confidentiality and integrity of our customers’ data. As our first Application Security Engineer, you will take on a dynamic and high impact role. You will...SeniorHome officeFlexible hours$97.1k - $161.8k
...capturing and refining information security requirements and ensures... ...the areas of secure coding, application authentication, encryption,... ...: Develop and implement engineering’s technical security policies... ...Technology, and occasionally senior leaders within Cybersecurity...SeniorWork experience placementWork from homeWorldwide1 day per week$325k - $405k
A leading AI research firm in San Francisco is seeking a Security Engineer for Application Security. The role involves identifying and mitigating security vulnerabilities, conducting assessments, and developing security tools. Ideal candidates will have extensive experience...SeniorRemote job- ...Senior Application Security Engineer Poland The Tripadvisor Group connects people to experiences worth sharing, and aims to be the world's most trusted source for travel and experiences. We leverage our brands, technology, and capabilities to connect our global...SeniorPermanent employmentContract workRemote workWorldwideFlexible hours
- ...ServiceNow's leading workflow automation with Moveworks' Reasoning Engine and natural language capabilities, we deliver the AI... ...everyone. The Role Are you interested in being part of Application Security efforts at Moveworks? Do you enjoy collaborating closely with...SeniorWork at officeRemote workFlexible hours
- ...Senior Application Security Engineer We're looking for a Senior Application Security Engineer to help build and mature our application security program. You'll be a hands-on technical leader embedded across our engineering organization, working with developers to embed...SeniorRemote workWorldwide
$111k - $144.4k
...Sr. Application Security Engineer The Sr. Application Security Engineer is responsible for validating that application services are designed and implemented with high security standards. The role analyzes the security of applications in tandem with their underlying...SeniorTemporary workWork experience placementRemote work- ...leading tech company in Plano, TX is seeking an experienced Application Security Analyst to enhance security within DevOps practices. This... ...candidate has over 8 years of experience in DevOps and security engineering, holds a degree in Computer Science or Cybersecurity, and...SeniorRemote work
$180k - $225k
...source programming model that can simplify code, make applications more reliable, and help developers focus on the important... ...from you! SUMMARY Join our dynamic team as a Senior Application Security Engineer, where you'll play a pivotal role in securing the Temporal...SeniorFull timeTemporary workPart timeWork at officeRemote workWork from homeHome office$118.45k - $260.59k
...simplify health care one person, one family and one community at a time. POSITION SUMMARY CVS Health is seeking a Senior Manager, Application Security Engineering to lead enterprise application security, vulnerability management, secure software delivery, and security...SeniorHourly payFull timeTemporary workWork experience placementLocal areaRemote work$192k - $240k
Role Description As a Senior Application Security Engineer, you will focus on finding and responding to security vulnerabilities across the Brex platform. In this role, you will: ~Perform code reviews, design reviews, penetration testing, and vulnerability management...SeniorFull timeWork experience placement- Role Description As a Senior Application Security Engineer, you’ll help shape the future of our AppSec program. You’ll work effectively and efficiently in a small, high-impact team, bringing a sense of ownership and community. You’ll have the opportunity to learn quickly...SeniorFull timeFlexible hours
$180k - $215k
Role Description Monarch is seeking a Senior Application Security Engineer to join our Security Engineering team during a period of rapid growth. Reporting to the Head of Engineering Infrastructure, you will be a hands-on practitioner embedded across our product and engineering...SeniorFull timeWork at officeRemote workWeekend work$130k - $160k
...information at scale across 75+ health systems and millions of patient encounters. Security is not a layer we add at the end; it is built into how we work. As a Senior Application Security Engineer, you will own the application security practice at Fabric, partnering...SeniorFull time$157k - $216k
...investing in the next generation of our Application Security capability, a continuous, AI-augmented... ...defense program built for a SaaS engineering organization where AI agents and human... ...code side by side at high velocity. As a Senior AI Application Security Engineer, you...SeniorFull timeRemote work- Role Description Our team is growing and we're hiring a Senior Application Security Engineer to join our engineering team and enable our next phase of growth. Canary's engineering team is fully remote! This role focuses on embedding security into the software development...SeniorFull timeRemote work
$180k - $210k
Role Description We're hiring a Senior Application Security Engineer to join a small, high-leverage AppSec team. This is a deep-technical IC role with a staff-leaning scope: ~Set the technical direction and own delivery on how we find, fix, and prevent vulnerabilities...SeniorFull timeFlexible hours- Role Description GuidePoint Security offers an inclusive set of Application Security services helping clients implement, fine tune and run their Application Security SAST, DAST and SCA tools. Many clients need assistance with either supplementing their Application Security...SeniorFull timeRemote workFlexible hours
$190k - $273k
Role Description The Senior Application Security Engineer II is a senior individual contributor responsible for strengthening Apollo’s secure software development lifecycle and reducing application risk across product, platform, and AI-powered features. This role blends...SeniorFull timeFlexible hours$155k - $175k
Role Description The Senior Application Security Engineer is a hands-on technical leader responsible for securing Lumin Digital’s B2B2C SaaS platform across the full software development lifecycle. This role exists at the intersection of application security and AI-augmented...SeniorFull timeRemote workFlexible hours$143k - $224k
...platform, Agility Arc , which allows businesses to deploy, monitor, and scale robot fleets. About The Role As a Senior Application Security Engineer, you will be crucial in integrating security controls directly into our software development lifecycle (SDLC). This...SeniorRemote jobFull timeTemporary workRelocation packageFlexible hours- ...to combat illicit activity and global security threats. At TRM, you'll join a mission-... ...experts in law enforcement, data science, engineering, and financial intelligence, tackling... ...of the business. We are looking for an Application Security Engineer to build mission-critical...SeniorRemote jobFull timeSummer workImmediate start
$120k - $258.5k
...Description Nordstrom is building a new Application Security team, built on a simple idea: teams shouldn... ...we build with AI. You’ll report to the Senior Manager of Application Security and partner closely with product engineering and DevOps, alongside our security peers...SeniorFull time$145k - $155k
...and take one remote day weekly (typically 13 weeks per quarter), leaving 5 additional remote days to be used as needed. Application Security Engineer (ASE) As a key member of the Security Engineering team, this person will help lead HarbourVest’s Application Security program...Work at officeLocal areaRemote work1 day per week- ...satisfaction and retention. Software Engineer – Full Stack Developer Develop and maintain scalable web applications using .NET technologies and... ...quality. Software Engineer (Senior) Lead quality and performance... ...performance, scalability, security, and reliability. Build...Contract workRemote work
- ...public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a... ...more. Who we’re looking for: We are seeking an Application Security Engineer with expertise in Static and Dynamic Application Security...Contract workRemote work
$86.8k - $198k
...Job Number: R0240446 Application Security Engineer The Opportunity Everyone is trying to "harness the cloud," but not everyone knows how. As a cloud computing infrastructure architect, you know how to take advantage of cloud capabilities. On our team of experienced professionals...Full timeContract workPart timeWork at officeLocal areaRemote work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Application Security Engineer. Be the first to apply!
- application system engineer Remote
- hydraulic application engineer Remote
- application support engineer Remote
- application engineering manager Remote
- field applications engineer Remote
- senior application security engineer Remote
- application operations engineer Remote
- application performance engineer Remote
- network applications engineer Remote
- senior application support engineer Remote





