Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior Application Security Engineer

$180k - $210k
Full-time

Qualia

At Qualia, we've built the leading B2B real estate technology that transforms the home buying and selling experience into a simple, secure, and enjoyable process. Our SMB and Enterprise products bring together users from across the real estate ecosystem---homebuyers and sellers, lenders, title and escrow agents, and real estate agents---onto a single shared digital closing platform, providing greater clarity and transparency to real estate transactions. Today, through our business customers across the country, millions of consumers use Qualia to close on homes every year.

WHAT YOU'LL WORK ON

We're hiring a Senior Application Security Engineer to join a small, high-leverage AppSec team. This is a deep-technical IC role with a staff-leaning scope: you'll set the technical direction and own delivery on how we find, fix, and prevent vulnerabilities across Qualia's products and cloud infrastructure, and you'll be the person other engineers want in the room when an architecture decision has a security dimension.

You'll partner daily with product engineering, infrastructure, and platform teams, and you'll work closely alongside our existing AppSec engineers - raising the technical bar of the team while staying deeply hands-on with code, tooling, and adversarial testing. This is the right role for someone who is as comfortable writing a Burp extension or a Semgrep rule as they are pairing with a product engineer to land a fix.

RESPONSIBILITIES

  • Run offensive assessments against Qualia's applications and infrastructure: manual penetration testing, exploit development, authenticated web/API testing, and adversarial review of new designs before they ship

  • Lead threat modeling and secure design review for the highest-risk initiatives across the company, and mentor engineers to do the same for their own work

  • Own and evolve our AppSec tooling stack end-to-end - SAST, DAST, SCA, secret scanning, IaC scanning, and the CI/CD gates that tie them together. Build the custom rules, detections, and automation that generic tooling doesn't give us

  • Harden our cloud posture: review AWS configurations, IAM policies, Kubernetes/EKS workloads, and networking boundaries; build automation and guardrails that prevent the same class of issue from recurring

  • Reduce toil for the team - write the tools, scripts, and integrations that turn a day of triage into a few minutes

  • Partner with Infrastructure and Platform on detection engineering, incident response support, and cross-cutting programs (secrets management, supply chain, runtime security)

  • Set the technical bar for the AppSec team: raise the quality of reviews, establish patterns others can reuse, and mentor peers across seniority levels

  • Represent AppSec in architectural reviews, vendor evaluations, and compliance efforts

YOUR BACKGROUND THAT LIKELY MAKES YOU A MATCH

  • 8+ years of hands-on experience in application security, offensive security, or security engineering, with demonstrable depth in at least two of: offensive testing, security tooling/automation, and cloud/infra security

  • Strong offensive skills - you can manually exploit real web and API vulnerabilities beyond what a scanner will find, and you can teach others to do the same

  • Deep familiarity with building and operating security tooling in a modern engineering org: SAST/DAST/SCA pipelines, custom detection rules, secrets scanning, and CI/CD security gates. You've written tooling, not just configured it

  • Production experience with AWS (IAM, VPC, networking, data services), containerized workloads (Docker, Kubernetes/EKS), and infrastructure-as-code (Terraform or similar)

  • Comfort reading, reviewing, and contributing code in at least one language common to modern web stacks (Python, Go, Ruby, TypeScript, or similar)

  • Clear, direct communication style. You can make a sharp technical argument to senior engineers, translate risk into business terms for leadership, and write a bug report an engineer actually wants to fix

  • Strong partnership instincts - you get leverage by making other teams faster, not by blocking them

NICE TO HAVE

  • Experience in fintech, proptech, healthcare, or another regulated industry where data sensitivity is high

  • Background meaningfully contributing to a bug bounty program

  • Experience with identity and access systems (OIDC, SAML, federation, fine-grained authorization)

  • Detection engineering, DFIR, or red-team experience

  • Open source contributions to security tooling, published research, or CVE credits

  • Relevant certifications (OSCP, OSWE, GWAPT, GPEN, etc.) - valued but not required

While this role is remote work eligible, we have three office locations: San Francisco, California; Concord, New Hampshire; and Austin, Texas.

This role has a base annual salary of $180,000-$210,000 plus a competitive equity and benefits package. (Salary to be determined by relevant experience, location, knowledge, and skills of the applicant, internal equity, and alignment with market data.)

WHY QUALIA

Qualia is made up of incredibly bright, mission-driven coworkers who are passionate about using technology to solve real-world problems---and we're growing quickly. In order to continue building an engaging and dynamic organization, we're committed to giving everyone the support they need to do great work.

Our benefits package is designed to allow our team members to be their best selves, both in and out of the workplace. In addition to comprehensive health plans, a 401k program, and commuter benefits, we prioritize family and personal well-being through professional development, parental leave, and a flexible time off policy. Qualia offers a robust online onboarding program to train new hires, biweekly all hands meetings, and a variety of internal virtual events to keep employees connected.

We believe diverse perspectives and backgrounds are critical to building great technology, and our goal is to cultivate an environment where people feel equally valued and respected. Qualia is proud to be an equal-opportunity workplace, and we welcome applicants from all backgrounds regardless of race, color, ancestry, religion, gender identity or expression, sexual orientation, marital status, age, citizenship, socioeconomic status, disability, or veteran status.

By submitting your application, you acknowledge and agree to the collection, processing, and use of your personal information as described in our Employee Data Privacy Notice .

#LI-Remote

Vacancy posted 21 hours ago
Similar jobs that could be interesting for youBased on the Senior Application Security Engineer in Remote vacancy
  •  ...About the role We're looking for a Senior Application Security Engineer to help keep Tangem's products secure. You'll focus on finding security issues in our web applications, backend services, and APIs before attackers do. You'll work closely with developers, review... 
    Senior
    Remote work

    Tangem AG

    Indianapolis, IN
    1 day ago
  • $140k - $160k

     ...Senior Application Security Engineer Chicago, Illinois 100% Remote Full Time $140k - $160k A consulting company is looking to bring on a hands on a Senior Application Security Engineer to work with clients on new development. You'll perform code reviews,... 
    Senior
    Full time
    Remote work

    Motion Recruitment

    United States
    1 day ago
  •  ...Security Engineer 6–8+ years of experience in Application Security, Product Security, or DevOps with a strong security focus. Extensive hands-on experience with SAST, SCA, DAST, IaC scanning, and integrating security tools into modern CI/CD pipelines. Proven ability... 
    Senior
    Remote work

    Saxon Global

    United States
    5 days ago
  • $160k - $220k

     ...all–driving incredible value for our customers. Join us! The Security team at Zip is responsible for protecting the confidentiality and integrity of our customers’ data. As our first Application Security Engineer, you will take on a dynamic and high impact role. You will... 
    Senior
    Home office
    Flexible hours

    ZipHQ, Inc.

    San Francisco, CA
    9 days ago
  • $97.1k - $161.8k

     ...capturing and refining information security requirements and ensures...  ...the areas of secure coding, application authentication, encryption,...  ...: Develop and implement engineering’s technical security policies...  ...Technology, and occasionally senior leaders within Cybersecurity... 
    Senior
    Work experience placement
    Work from home
    Worldwide
    1 day per week

    Dormont Manufacturing Company

    Buffalo, NY
    3 days ago
  • $325k - $405k

    A leading AI research firm in San Francisco is seeking a Security Engineer for Application Security. The role involves identifying and mitigating security vulnerabilities, conducting assessments, and developing security tools. Ideal candidates will have extensive experience... 
    Senior
    Remote job

    Jobleads-US

    San Francisco, CA
    4 days ago
  •  ...Senior Application Security Engineer Poland The Tripadvisor Group connects people to experiences worth sharing, and aims to be the world's most trusted source for travel and experiences. We leverage our brands, technology, and capabilities to connect our global... 
    Senior
    Permanent employment
    Contract work
    Remote work
    Worldwide
    Flexible hours

    TripAdvisor

    United States
    2 days ago
  •  ...ServiceNow's leading workflow automation with Moveworks' Reasoning Engine and natural language capabilities, we deliver the AI...  ...everyone. The Role Are you interested in being part of Application Security efforts at Moveworks? Do you enjoy collaborating closely with... 
    Senior
    Work at office
    Remote work
    Flexible hours

    ServiceNow

    Mountain View, CA
    3 days ago
  •  ...Senior Application Security Engineer We're looking for a Senior Application Security Engineer to help build and mature our application security program. You'll be a hands-on technical leader embedded across our engineering organization, working with developers to embed... 
    Senior
    Remote work
    Worldwide

    Hyland

    United States
    2 days ago
  • $111k - $144.4k

     ...Sr. Application Security Engineer The Sr. Application Security Engineer is responsible for validating that application services are designed and implemented with high security standards. The role analyzes the security of applications in tandem with their underlying... 
    Senior
    Temporary work
    Work experience placement
    Remote work

    Clear Capital | CubiCasa

    United States
    1 day ago
  •  ...leading tech company in Plano, TX is seeking an experienced Application Security Analyst to enhance security within DevOps practices. This...  ...candidate has over 8 years of experience in DevOps and security engineering, holds a degree in Computer Science or Cybersecurity, and... 
    Senior
    Remote work

    IVID TEK INC

    Plano, TX
    3 days ago
  • $180k - $225k

     ...source programming model that can simplify code, make applications more reliable, and help developers focus on the important...  ...from you! SUMMARY Join our dynamic team as a Senior Application Security Engineer, where you'll play a pivotal role in securing the Temporal... 
    Senior
    Full time
    Temporary work
    Part time
    Work at office
    Remote work
    Work from home
    Home office

    Temporal Technologies

    United States
    5 days ago
  • $118.45k - $260.59k

     ...simplify health care one person, one family and one community at a time. POSITION SUMMARY CVS Health is seeking a Senior Manager, Application Security Engineering to lead enterprise application security, vulnerability management, secure software delivery, and security... 
    Senior
    Hourly pay
    Full time
    Temporary work
    Work experience placement
    Local area
    Remote work

    CVS Health

    Connecticut
    2 days ago
  • $192k - $240k

    Role Description As a Senior Application Security Engineer, you will focus on finding and responding to security vulnerabilities across the Brex platform. In this role, you will: ~Perform code reviews, design reviews, penetration testing, and vulnerability management... 
    Senior
    Full time
    Work experience placement

    Brex

    Remote
    3 days ago
  • Role Description As a Senior Application Security Engineer, you’ll help shape the future of our AppSec program. You’ll work effectively and efficiently in a small, high-impact team, bringing a sense of ownership and community. You’ll have the opportunity to learn quickly... 
    Senior
    Full time
    Flexible hours

    Barracuda Networks Inc.

    Remote
    5 days ago
  • $180k - $215k

    Role Description Monarch is seeking a Senior Application Security Engineer to join our Security Engineering team during a period of rapid growth. Reporting to the Head of Engineering Infrastructure, you will be a hands-on practitioner embedded across our product and engineering... 
    Senior
    Full time
    Work at office
    Remote work
    Weekend work

    Monarch Money

    Remote
    2 days ago
  • $130k - $160k

     ...information at scale across 75+ health systems and millions of patient encounters. Security is not a layer we add at the end; it is built into how we work. As a Senior Application Security Engineer, you will own the application security practice at Fabric, partnering... 
    Senior
    Full time

    Fabric

    Remote
    7 days ago
  • $157k - $216k

     ...investing in the next generation of our Application Security capability, a continuous, AI-augmented...  ...defense program built for a SaaS engineering organization where AI agents and human...  ...code side by side at high velocity. As a Senior AI Application Security Engineer, you... 
    Senior
    Full time
    Remote work

    AlphaSense

    Remote
    5 days ago
  • Role Description Our team is growing and we're hiring a Senior Application Security Engineer to join our engineering team and enable our next phase of growth. Canary's engineering team is fully remote! This role focuses on embedding security into the software development... 
    Senior
    Full time
    Remote work

    Canary Technologies Corp

    Remote
    3 hours ago
  • $180k - $210k

    Role Description We're hiring a Senior Application Security Engineer to join a small, high-leverage AppSec team. This is a deep-technical IC role with a staff-leaning scope: ~Set the technical direction and own delivery on how we find, fix, and prevent vulnerabilities... 
    Senior
    Full time
    Flexible hours

    Qualia

    Remote
    1 day ago
  • Role Description GuidePoint Security offers an inclusive set of Application Security services helping clients implement, fine tune and run their Application Security SAST, DAST and SCA tools. Many clients need assistance with either supplementing their Application Security... 
    Senior
    Full time
    Remote work
    Flexible hours

    GuidePoint Security

    Remote
    2 days ago
  • $190k - $273k

    Role Description The Senior Application Security Engineer II is a senior individual contributor responsible for strengthening Apollo’s secure software development lifecycle and reducing application risk across product, platform, and AI-powered features. This role blends... 
    Senior
    Full time
    Flexible hours

    Apollo.io

    Remote
    3 days ago
  • $155k - $175k

    Role Description The Senior Application Security Engineer is a hands-on technical leader responsible for securing Lumin Digital’s B2B2C SaaS platform across the full software development lifecycle. This role exists at the intersection of application security and AI-augmented... 
    Senior
    Full time
    Remote work
    Flexible hours

    Lumin Digital

    Remote
    3 hours ago
  • $143k - $224k

     ...platform, Agility Arc , which allows businesses to deploy, monitor, and scale robot fleets. About The Role As a Senior Application Security Engineer, you will be crucial in integrating security controls directly into our software development lifecycle (SDLC). This... 
    Senior
    Remote job
    Full time
    Temporary work
    Relocation package
    Flexible hours

    Agility Robotics

    California
    7 days ago
  •  ...to combat illicit activity and global security threats. At TRM, you'll join a mission-...  ...experts in law enforcement, data science, engineering, and financial intelligence, tackling...  ...of the business. We are looking for an Application Security Engineer to build mission-critical... 
    Senior
    Remote job
    Full time
    Summer work
    Immediate start

    TRM Labs

    Remote
    more than 2 months ago
  • $120k - $258.5k

     ...Description Nordstrom is building a new Application Security team, built on a simple idea: teams shouldn...  ...we build with AI. You’ll report to the Senior Manager of Application Security and partner closely with product engineering and DevOps, alongside our security peers... 
    Senior
    Full time

    Nordstrom

    Remote
    1 day ago
  • $145k - $155k

     ...and take one remote day weekly (typically 13 weeks per quarter), leaving 5 additional remote days to be used as needed. Application Security Engineer (ASE) As a key member of the Security Engineering team, this person will help lead HarbourVest’s Application Security program... 
    Work at office
    Local area
    Remote work
    1 day per week

    SwiftCruit

    Boston, MA
    2 days ago
  •  ...satisfaction and retention. Software Engineer – Full Stack Developer Develop and maintain scalable web applications using .NET technologies and...  ...quality. Software Engineer (Senior) Lead quality and performance...  ...performance, scalability, security, and reliability. Build... 
    Contract work
    Remote work

    Tyler Technologies

    Troy, MI
    3 days ago
  •  ...public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a...  ...more. Who we’re looking for: We are seeking an Application Security Engineer with expertise in Static and Dynamic Application Security... 
    Contract work
    Remote work

    GrabJobs

    San Bernardino, CA
    3 days ago
  • $86.8k - $198k

     ...Job Number: R0240446 Application Security Engineer The Opportunity Everyone is trying to "harness the cloud," but not everyone knows how. As a cloud computing infrastructure architect, you know how to take advantage of cloud capabilities. On our team of experienced professionals... 
    Full time
    Contract work
    Part time
    Work at office
    Local area
    Remote work

    Phase2 Technology

    Colorado Springs, CO
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior Application Security Engineer. Be the first to apply!