Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Application Security Engineer

Oneleet Inc

About Oneleet

Oneleet is one of the fastest-growing security and compliance platforms in history. We are on a mission to change the compliance and security industry by making cybersecurity and compliance effective, easy, and painless. We provide a platform that helps companies build, manage, and monitor their cybersecurity programs and achieve compliance standards such as SOC 2 and ISO 27001 efficiently, without cutting corners.

Having just raised a $33 million Series A , we are rapidly growing in customers and employees. Our team has decades of experience in security and compliance. Join our team of opinionated rebels and help us build a category-defining company reshaping the broken and fragmented compliance and cybersecurity industry.
Who we're looking for:

We value passionate self-starters with a growth mindset and a bias for action and personal accountability. If you love solving hard problems, thrive in ambiguity, and want to make a real impact, you'll fit right in.

We're especially drawn to:
  • Rebels with a cause - frustrated with the status quo and eager to disrupt it.
  • Opinionated (but not obstinate) builders - decisive yet collaborative, who help us move fast.
  • Clear communicators - who own their ideas and follow through.
Our mission is simple: make effective cybersecurity painless. We believe cybersecurity should empower, not burden. This belief unites our team and drives every decision we make.

If you're ready to challenge the status quo and help shape the future of cybersecurity, we'd love to meet you.

As an Application Security Engineer at Oneleet, you'll bring security depth to our product engineering teams as we expand our cybersecurity platform. You'll own the security judgment layer that sits between raw tooling output and what our customers actually see - deciding what to surface, what to suppress, and how to make findings genuinely useful rather than noisy.

This is a hands-on, security-first engineering role at a Series A startup. You'll work closely with backend and fullstack engineers on how findings are stored, enriched, and presented, and you'll partner with product and design on what to build next. You'll be the security voice in product and engineering decisions, and you'll be empowered to push back when security judgment requires it.

You'll work directly with customers - security teams using the platform day-to-day - to understand what they actually need, and iterate quickly based on their feedback.

Key Responsibilities:
  • Own the integration, configuration, and output quality of security tooling that powers our platform
  • Tune outputs to maximize signal and minimize noise - decide what to surface, what to suppress, and what to enrich
  • Design rules, severity scoring, and triage flows that make findings actionable rather than overwhelming
  • Build the security judgment layer on top of underlying tooling - context-aware prioritization and exploitability reasoning
  • Partner with engineers on how findings are presented in the UI and how remediation flows work
  • Work with PM and design on roadmap priorities, providing the security expertise that drives what to build next
  • Review and shape architectural choices that affect security outcomes
  • Engage with customers directly to understand how they use the platform and what's blocking adoption
  • Benchmark our output quality against competitors and close gaps where they exist
  • Contribute back to the open source security tooling we depend on where it makes sense
Qualifications:
  • 5+ years of application security experience, with significant time shipping security products
  • Strong programming skills in at least one of Go, Python, or TypeScript - this is a product engineering role with security depth, not security operations
  • Hands-on experience tuning security tooling for production use - reducing false positives, building suppression logic, designing severity models
  • Understanding of vulnerability research, CVE/CWE taxonomies, and exploit reasoning
  • Has worked through what makes a security finding actually actionable vs. just technically true
  • Excellent communication skills and comfort working directly with customers
  • Pragmatic; knows how to build things fast without unnecessarily complicating things
  • Experience in (and thrives in) a fast-moving, start-up engineering environment
Bonus Experience:
  • Prior experience shipping a security product at a vendor
  • Contributions to open source security tooling
  • Offensive security background or OSCP / similar certifications
  • Hands-on experience with LLM agents, tool use, or autonomous AI systems
You should apply if any of the following excite you:
  • Owning the security depth of a product from tooling integration to user-facing findings
  • Being the security voice in a product team that ships fast and listens to customers
  • Building on top of best-in-class open source tooling rather than reinventing from scratch
  • Working directly with security teams using the product and iterating on real-world feedback
  • Joining a small, scrappy team where your security judgment shapes both the product and the company
Why Oneleet?

At Oneleet, you'll join a tight-knit team of rebels redefining the cybersecurity industry. We move fast, own our work, and challenge outdated models to make security effortless and effective for companies.

Here's what makes us special:
  • We value impact over titles, autonomy over micromanagement, and clarity over jargon.
  • You'll tackle meaningful, hard problems with real-world consequences.
  • You'll work with smart, kind, and ambitious teammates who lift each other up.
Perks & Benefits
  • Comprehensive health & wellness benefits
  • 20 days PTO per year, plus 8 floating holiday
  • Remote work culture
  • Team off-sites in stunning places (Amsterdam, Italy, etc).
  • Competitive compensation & equity

We hire globally and compensate competitively within each market using geographic pay bands. The range for this role reflects a US national baseline. Offers for candidates in higher cost-of-labor markets (e.g., San Francisco, New York, Zurich) may fall at or above the top of the posted range, while offers in other markets are benchmarked to local standards and are lower. Within any range, individual compensation is determined by work location, skills and experience demonstrated through the interview process, and relevant education or training. This posting reflects base salary only and does not include equity or benefits.

Remote-First & Global Hiring

We're a remote-first company and hire globally in regions where we can legally engage talent directly or via our employer-of-record (EOR) partner. If you're based outside the U.S., we'll explore the most compliant hiring arrangement for your location. We make hiring decisions based on merit, skills, and potential regardless of location.

U.S. Hiring & E-Verify

For U.S.-based candidates, Oneleet participates in E-Verify to confirm employment eligibility, in accordance with federal regulations. We are an equal opportunity employer. We do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other characteristic protected by applicable law.


This company uses automated technology, including AI-assisted tools, to assist in reviewing applications, assessing candidate qualifications, and detecting fraudulent submissions. These tools analyze application data and identity signals to support, but not replace, human hiring decisions. All final hiring decisions are made by a human reviewer. Candidates who require accommodation or who wish to request information about how these tools are used may contact View email address on click.appcast.io. This process is conducted in compliance with applicable federal, state, and local laws.
Vacancy posted 7 hours ago
Similar jobs that could be interesting for youBased on the Application Security Engineer in United States vacancy
  •  ...MANTECH seeks a motivated, career and customer-oriented Application Security (AppSec) Engineer to join our team in Hanover, MD. The Application Security (AppSec) Engineer will leverage their strong technical background and knowledge to support software assurance... 
    Suggested
    Work at office

    MANTECH

    Hanover, MD
    10 hours ago
  • Bringing security depth to product engineering teams, the full-time Application Security Engineer will integrate and configure security tooling, tune outputs for actionable findings, and collaborate with engineers and customers in a remote environment. Key Responsibilities... 
    Suggested
    Remote work

    VirtualVocations

    Fullerton, CA
    25 days ago
  • $192k - $240k

     ...Engineering at Brex Engineering at Brex is about building systems that scale with speed...  ...intention. Our teams span Software, Data, Security, and IT, and operate with high autonomy...  .... What you’ll do As a Senior Application Security Engineer, you will focus on finding... 
    Suggested
    Work experience placement
    Remote work

    Brex

    Scottsdale, AZ
    14 days ago
  •  ...public-sector customers who demand experience and proven security models to protect their data. ShorePoint subscribes to a...  ...more. Who we’re looking for: We are seeking an Application Security Engineer with expertise in Static and Dynamic Application Security... 
    Suggested
    Contract work
    Remote work

    Shorepoint

    Lubbock, TX
    7 days ago
  • To enhance enterprise application security, the remote contract Application Security AI Engineer will manage vulnerabilities, support software supply chain security initiatives, and implement AI-driven security solutions over a 12-month period. Key Responsibilities Perform... 
    Suggested
    Contract work
    Remote work

    VirtualVocations

    Shreveport, LA
    7 days ago
  • $86.9k - $198k

     ...Application Security Engineer Everyone is trying to "harness the cloud," but not everyone knows how. As a cloud computing infrastructure architect, you know how to take advantage of cloud capabilities. On our team of experienced professionals, you'll use cutting-edge... 
    Full time
    Contract work
    Part time
    Work at office
    Local area
    Remote work

    Booz Allen Hamilton

    Oklahoma City, OK
    2 days ago
  •  ...Application Security Engineer The Application Security Engineer will be responsible for analyzing software code repositories, code designs, processes, and implementation from a security perspective, and work with software development and infrastructure teams to identify... 

    Central Business Solutions

    San Francisco, CA
    1 day ago
  •  ...is looking for candidates with a background in managing security and vulnerability products (e.g., Snyk) within environments...  ..., not just governance or reporting. Title: Application Security Engineer Location: Hybrid to Woonsocket Office... 
    Work at office

    3B Staffing LLC

    Woonsocket, RI
    3 days ago
  •  ...As a fully remote company (even before COVID!), we welcome applicants from almost anywhere. Our team collaborates synchronously mostly...  .... The Role: Monarch is seeking a Senior Application Security Engineer to join our Security Engineering team during a period of... 
    Work at office
    Immediate start
    Remote work
    Work from home
    Weekend work

    Monarch Money

    United States
    4 days ago
  • $88.3k - $110.4k

     ...the outdoors and a desire to protect it for future generations.  Role Summary We are seeking an experienced Application Security Engineer to join our Enterprise Cybersecurity team as an application security engineer to support the broader application security... 
    Full time
    Contract work
    Temporary work
    Part time
    Local area
    Shift work

    Rivian

    Atlanta, GA
    4 days ago
  •  ...Senior Application Security Engineer Want to work on building out security from the ground up at the leading edge of AI in healthcare globally? We're looking for a very experienced and highly motivated Senior Application Security Engineer to join our team as one of... 
    Hourly pay
    Full time
    Flexible hours

    Abridge

    San Francisco, CA
    1 day ago
  •  ...ADP is hiring a Senior Application Security Engineer in our Alpharetta, GA or Roseland, NJ office. This is a hybrid role. Overview: We are seeking a Senior Application Security Engineer to secure our software supply chain by assessing, governing, and mitigating... 
    Minimum wage
    Temporary work
    Work at office
    Local area

    ADP

    Alpharetta, GA
    20 hours ago
  • $110k

     ...Job Seekers can review the Job Applicant Privacy Policy by clicking here ( . Job Description : SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must... 
    Full time

    Ryder

    Carson City, NV
    4 days ago
  • $180k - $225k

     ...Senior Application Security Engineer United States - Remote Opportunity About Us Temporal is an open source programming model that can simplify code, make applications more reliable, and help developers focus on the important things like delivering features faster... 
    Full time
    Temporary work
    Part time
    Remote work
    Work from home
    Home office

    Temporal Technologies

    United States
    2 days ago
  • $111k - $144.4k

     ...Sr. Application Security Engineer The Sr. Application Security Engineer is responsible for validating that application services are designed and implemented with high security standards. The role analyzes the security of applications in tandem with their underlying... 
    Temporary work
    Work experience placement
    Remote work

    Clear Capital | CubiCasa

    United States
    8 hours ago
  •  ...This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Application Security Engineer based in United States. You will join a fast-growing, remote-first engineering organization building... 
    Remote work

    Jobgether

    United States
    8 hours ago
  • $165k - $190k

     ...Senior Application Security Engineer San Francisco, California, United States Tatari is on a mission to revolutionize TV advertising. Founded in 2016 to help transform the antiquated world of TV advertising through the intelligent application of AI and machine learning... 
    Work at office
    2 days per week

    Tatari

    San Francisco, CA
    2 days ago
  • $60 - $65 per hour

     ...Application Security Engineer Location: Phoenix, AZ 85054 (Atlanta GA, or NY, NY) (Onsite/Hybrid) Pay Rate: $60.00 - $65.00 per hour (Strict W2 Only) Duration: Through 12/31/2026 + Long-term Extension Compliance: No C2C, Third Parties, or W2 Referrals Role... 
    Hourly pay
    Weekly pay
    Temporary work
    Flexible hours

    Experis/Manpower Group

    Phoenix, AZ
    1 day ago
  •  ...development role as a Developer, or Architect § Java/Web development with strong secure coding background in RHEL and JBoss. § 3+years with Application Security Engineering conducting assessments, penetration testing, implementing tools for dynamic /... 

    3B Staffing LLC

    Albany, NY
    1 day ago
  • $150.2k - $225.4k

     ...About the team: The Information Security organization advances the overall state of security at Rubrik through purposeful...  ...information. About the role: Rubrik is seeking an Application Security Engineer. In this role, you will be responsible for ensuring that... 
    Work experience placement
    Local area
    Remote work
    Shift work

    Rubrik

    Oklahoma City, OK
    5 days ago
  •  ...Title : Application Security Engineer Location : Rockville, MD or McLean, VA Target Start Date : ASAP Type : contract Pay Rate: DOE The Senior Application Security Engineer is responsible for designing, implementing, and advancing... 
    Contract work
    Immediate start

    ConsultNet

    Rockville, MD
    2 days ago
  •  ...Role:- Application Security Product Manager Hybrid out of Alpharetta, GA 2 round interviews- zoom and in-person Bachelor's...  ...execution of a defined product roadmap by partnering with engineering, risk, and business stakeholders across a matrixed organization... 

    TriOptus LLC

    Alpharetta, GA
    3 days ago
  •  ...Must Have:- • Seeking candidates with solid expertise in Manual web application penetration testing and Manual secure code review. • Expertise is performing Manual Test Case Scenarios is a must. • Identification of Vulnerabilities in Source Codes manually is a must... 
    Remote work

    Yochana

    United States
    1 day ago
  •  ...Application Security Engineer Client: Securian Financial Location: Remote - Preferrably local to St. Paul, MN (Will consider A+ candidates from permissible locations). The manager sees value in being able to come onsite, but he is open to considering fully remote... 
    Contract work
    Temporary work
    Local area
    Remote work

    Samprasoft

    United States
    2 days ago
  •  ...Senior Application Security Engineer This role has been designed as 'Hybrid' with an expectation that you will work on average 2 days per week from an HPE office. Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people... 
    Work experience placement
    Work at office
    2 days per week

    Hewlett Packard Enterprise

    Alpharetta, GA
    1 day ago
  •  ...Application Security Engineer Phoenix, AZ (Hybrid role) try to get nearby candidates 24+ months contract 2 + years of experience communicating system vulnerabilities and remediation guidance to both technical and non-technical personnel. • 2 + year of... 
    Contract work

    Concord IT Systems

    Phoenix, AZ
    4 days ago
  •  ...Application Security Engineer We are looking for an experienced Application Security Engineer to join our cybersecurity team. The ideal candidate will be responsible for securing web applications and APIs by integrating security throughout the Software Development Life... 
    Remote work

    Juara IT Solutions Pvt Ltd

    United States
    3 days ago
  •  ...What You'll Do: - Collaborate with a team of engineers to implement *** specific security policies in the CI/CD security tools including but not limited to SAST, DAST and SCA applications. - Work with Development, DevOps and Security teams to identify and develop... 
    Work experience placement
    Remote work

    Varite

    United States
    1 day ago
  •  ...Senior Application Security Engineer Come join our passionate team! Barracuda is a leading cybersecurity company providing complete protection against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed... 
    Remote work
    Worldwide
    Flexible hours

    Barracuda Networks

    Ann Arbor, MI
    3 days ago
  • Job Title The minimum and maximum base salaries for this role are posted below; additionally, the role is eligible for bonus potential, equity and benefits. The range displayed reflects the minimum and maximum target for new hire salaries for the role based on U.S. ...
    Remote work

    Rubrik

    United States
    20 hours ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Application Security Engineer. Be the first to apply!