Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior Application Security Engineer

$190k - $237k

Apollo Inc

Apollo.io is the leading go-to-market solution for revenue teams, trusted by over 500,000 companies and millions of users globally, from rapidly growing startups to some of the world's largest enterprises. Founded in 2015, the company is one of the fastest growing companies in SaaS, raising approximately $250 million to date and valued at $1.6 billion. Apollo.io provides sales and marketing teams with easy access to verified contact data for over 210 million B2B contacts and 35 million companies worldwide, along with tools to engage and convert these contacts in one unified platform. By helping revenue professionals find the most accurate contact information and automating the outreach process, Apollo.io turns prospects into customers. Apollo raised a series D in 2023 and is backed by top-tier investors, including Sequoia Capital, Bain Capital Ventures, and more, and counts the former President and COO of Hubspot, JD Sherman, among its board members.

Role Overview

The Senior Application Security Engineer II is a senior individual contributor responsible for strengthening Apollo’s secure software development lifecycle and reducing application risk across product, platform, and AI-powered features.

This role blends deep code-level application security work with strong cross-functional partnership. It includes application security reviews, threat modeling, AppSec tooling, findings triage and remediation follow-through, external testing intake, and developer enablement.

This role is calibrated at the L6 senior-IC level: owning semi-annual or annual goals, solving ambiguous problems with sound judgment, improving operational processes, and driving meaningful cross-team collaboration and influence.

Key Responsibilities
Secure SDLC, design review, and threat modeling
  • Own and continuously improve the secure software development lifecycle for Apollo applications so security is embedded into design, implementation, and deployment.
  • Perform application security reviews, threat modeling, and deep code-level analysis for high-impact product, platform, and AI features before launch.
  • Provide practical security architecture guidance to Engineering, Product, and IT teams.
  • Help define and maintain application-security guardrails, secure design expectations, code review standards, and risk models for new and existing systems.
Vulnerability management and hands-on remediation
  • Drive execution-heavy vulnerability management across internal reviews, bug bounty, pentests, SCA/runtime findings, and other research signals, ensuring findings are validated, prioritized, routed clearly, and tracked through remediation and verification within SLAs.
  • Go beyond identifying issues: read the code, explain root cause, propose the safest fix, and directly implement or support remediation when needed for complex vulnerabilities.
  • Perform hands-on validation and offensive security testing of applications and fixes, including exploit development, bypass testing, adversarial thinking, and focused red-team-style exercises, to confirm remediations address the underlying issue rather than only the initial symptom.
  • Work across the kinds of application security issues common in modern SaaS environments, including authentication and authorization weaknesses, access control risks, OAuth and CSRF design flaws, SSRF, cryptographic and verification issues, information disclosure and data exposure risks, unsafe execution and deserialization patterns, and dependency or runtime vulnerabilities.
  • Apply clear, risk-based severity decisions using exploitability, data sensitivity, customer impact, and blast radius.
Tooling, automation, and AI
  • Configure and improve AppSec tooling and integrations, including SAST configuration, ignore lists, dashboards, and other controls that maintain useful coverage without excessive noise.
  • Select, build, or refine security tooling, small automations, and workflow enrichments that reduce manual effort and scale AppSec operations responsibly.
  • Use AI to automate, transform, and scale security and engineering-adjacent processes where it materially improves speed, consistency, or signal quality, while still validating outputs with strong engineering judgment.
  • Embed AI-specific security checks into SSDLC reviews and code analysis, including input and output handling, AI-exposed APIs, prompt and response guardrails, and abuse or data-exfiltration paths.
  • Partner cross-functionally on AI security requirements and controls so AI systems and AI-powered features are designed, deployed, and operated securely.
Engineering enablement and partnership
  • Support and scale security enablement for engineers and security champions, including secure coding, AppSec, and AI-safety content.
  • Provide actionable remediation guidance, secure patterns, and examples that help engineering teams fix issues quickly and correctly.
  • Partner closely with Engineering, Product, Platform, Data, Legal, and other security teams to keep AppSec priorities aligned with business risk and product velocity.
  • Produce clear documentation, metrics, and written narratives that improve AppSec visibility, observability, and decision-making.
What Good Looks Like at L6
  • Owns meaningful AppSec goals over a semi-annual or annual horizon and independently identifies the right solutions to ambiguous, open-ended problems.
  • Drives cross-team collaboration and operational improvements beyond isolated tickets or one-off reviews.
  • Makes informed decisions by balancing technical detail, business context, customer trust, and long-term risk.
  • Sets a high bar for ownership, communication, mentoring, and technical judgment, and helps raise the effectiveness of peers and partner teams.
Required Skills & Experience
  • 5+ years of software engineering or application security experience, with meaningful hands-on AppSec depth in modern SaaS environments.
  • Strong software development skills and the ability to read, write, and ship production code; Ruby experience is highly valuable, and Python or similar scripting ability is a plus.
  • Strong Linux and cloud fundamentals, ideally with experience in GCP-backed environments.
  • Deep familiarity with common AppSec issues, secure design, secure authentication and authorization patterns, vulnerability management, and developer security tooling.
  • Demonstrated ability to perform deep code review, penetration testing, and exploit-oriented validation, and to either fix vulnerabilities directly or work closely with engineers to land durable remediations that hold up against bypass attempts and variant analysis.
  • Experience handling findings from bug bounty, pentests, internal reviews, or automated security tooling through closure and verification.
  • Experience using AI-assisted tools, automations, APIs, or structured workflows to improve engineering or security processes at scale.
  • Experience securing AI-powered systems or features, including AI API exposure, prompt and response handling, data protection, misuse scenarios, and monitoring expectations.
  • Strong written and verbal communication, stakeholder management, and influencing skills across technical and non-technical partners.
Preferred Qualifications
  • Experience supporting or leading security reviews for AI-native products, internal agents, or AI-assisted engineering workflows.
  • Experience improving secure-by-design practices and AppSec observability in a fast-moving engineering organization.
  • Experience with security training, developer enablement, or security champions programs.
  • Relevant security certifications are a plus.
Example Success Outcomes
    • Improve the health and flow of AppSec findings by keeping prioritization, remediation, and verification moving within defined SLAs.
    • Complete recurring application reviews or threat models for important systems and features.
    • Increase engineering adoption of secure patterns, AppSec tooling, and security training.
    • Reduce manual toil and improve AppSec signal quality through targeted automation and responsible use of AI-assisted workflows.

The listed Pay Range reflects the total cash compensation inclusive of annual base salary and annual bonus as applicable. For sales roles, the range provided is the role’s On Target Earnings ("OTE") range, meaning that the range includes both the sales commissions/sales bonus target and annual base salary for the role. This salary range may be inclusive of several career levels at Apollo and will be narrowed during the interview process based on a number of factors, including the candidate’s experience, qualifications, and location. Applicants interested in this role who are not located in the US may request the annual salary range for their location during the interview process.

Additional benefits for this role may include: equity; company bonus or sales commissions/bonuses; 401(k) plan; at least 10 paid holidays per year, flex PTO, and parental leave; employee assistance program and wellbeing benefits; global travel coverage; life/AD&D/STD/LTD insurance; FSA/HSA and medical, dental, and vision benefits.

Tier 1 Pay Range (San Francisco, New York City, Seattle) $218,000—$273,000 USD Tier 2 Pay Range (All other US Locations) $190,000—$237,000 USD
We are AI Native

Apollo.io is an AI-native company built on a culture of continuous improvement. We’re on the front lines of driving productivity for our customers—and we expect the same mindset from our team. If you're energized by finding smarter, faster ways to get things done using AI and automation, you'll thrive here.

Why You’ll Love Working at Apollo

At Apollo, we’re driven by a shared mission: to help our customers unlock their full revenue potential. That’s why we take extreme ownership of our work, move with focus and urgency , and learn voraciously to stay ahead.

We invest deeply in your growth, ensuring you have the resources, support, and autonomy to  own your role and make a real impact . Collaboration is at our core—we’re all for one , meaning you’ll have a team across departments ready to help you succeed. We encourage bold ideas and courageous action , giving you the freedom to experiment, take smart risks, and drive big wins.

If you’re looking for a place where your work matters, where you can push boundaries, and where your career can thrive—Apollo is the place for you. 

Learn morehere!

Vacancy posted 3 hours ago
Similar jobs that could be interesting for youBased on the Senior Application Security Engineer in United States vacancy
  •  ...This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Application Security Engineer based in United States. You will join a fast-growing, remote-first engineering organization building... 
    Senior
    Remote job
    Full time

    jobgether

    United States
    2 days ago
  •  ...This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Senior Application Security Engineer based in the United States. This role sits at the intersection of cybersecurity consulting and hands... 
    Senior
    Remote job
    Full time
    Home office
    Flexible hours

    jobgether

    United States
    5 days ago
  • $110k - $130k

     ...A leading logistics company in South Carolina is seeking an experienced Application Security Engineer to enhance its security team. The ideal candidate should have extensive experience with application security, strong communication skills, and a solid understanding of... 
    Senior

    Ryder

    Columbia, SC
    3 days ago
  • $1,500 per month

     ...the globe's largest banks, fintechs, enterprises, and consumer applications. Your Role Polygon's Application Security team sits at the intersection of every product we ship. With a growing engineering org, an active bug bounty program fielding 30+ open... 
    Senior
    Full time
    Contract work
    Remote work
    Home office
    Flexible hours

    Polygon Labs

    United States
    1 day ago
  • $143k - $224k

     ...platform, Agility Arc , which allows businesses to deploy, monitor, and scale robot fleets. About The Role As a Senior Application Security Engineer, you will be crucial in integrating security controls directly into our software development lifecycle (SDLC). This... 
    Senior
    Full time
    Temporary work
    Remote work
    Relocation package
    Flexible hours

    Agility Robotics

    United States
    2 hours ago
  •  ...SourcePro Search is conducting a search for an experienced Senior Application Security Engineer in Washington, DC. The ideal candidate will serve as subject matter expert integrating secure design for applications and services within the system development lifecycle.... 
    Senior

    SourcePro Search

    Washington DC
    3 days ago
  • $221k - $250k

     ...the internet, people, institutions, and applications need a trusted way to confirm who is a...  ...hardware, software, AI, cryptography, mobile engineering, and global operations. Our teams come...  ...our Liftoff event. About the Team The Security team at Tools for Humanity operates at... 
    Senior
    Flexible hours

    Kubelt

    San Francisco, CA
    4 days ago
  •  ...We are seeking a Sr. Application Security or DevSecOps Engineer with broad set of experiences to have an early and formative impact in many areas of the ZetaChain security program. The ideal candidate will be responsible for ensuring the security of our applications throughout... 
    Senior
    Contract work
    Remote work
    Flexible hours

    ZetaChain

    San Francisco, CA
    4 days ago
  •  ...Security Engineer 6–8+ years of experience in Application Security, Product Security, or DevOps with a strong security focus. Extensive hands-on experience with SAST, SCA, DAST, IaC scanning, and integrating security tools into modern CI/CD pipelines. Proven ability... 
    Senior
    Remote work

    Saxon Global

    United States
    3 days ago
  •  ...As a Senior Security Engineer on the AppSec Foundations team, you will be instrumental in making secure behavior the default across the the...  ...focus on turning findings into systemic improvements Leverage application telemetry (logs, traces, metrics) to assess security... 
    Senior

    United States Digital Space LLC

    New York, NY
    1 day ago
  •  ...Senior Application Security Engineer This role has been designed as ‘Hybrid’ with an expectation that you will work on average 2 days per week from an HPE office. Key Responsibilities Integrate security practices throughout the SDLC in partnership with engineering and... 
    Senior
    Work at office
    2 days per week

    Hobbsnews

    Spring, Montgomery County, TX
    2 days ago
  • $140k - $190k

     ...Senior Application Security Engineer Let’s Tango! Where Innovation Meets Impact. At Tango we’re all about helping businesses make smarter decisions through powerful technology, insightful data, and a whole lot of collaboration. Whether you're a creative thinker,... 
    Senior
    Work at office
    Remote work
    Flexible hours

    Tango

    United States
    1 day ago
  •  ...providing critical information about the right treatments for the right patients, at the right time. Tempus is seeking a Senior Application Security Engineer with deep expertise in penetration testing to lead efforts in identifying and remediating vulnerabilities across web... 
    Senior

    SwiftCruit

    Chicago, IL
    3 hours ago
  • $160k - $220k

     ...all–driving incredible value for our customers. Join us! The Security team at Zip is responsible for protecting the confidentiality and integrity of our customers’ data. As our first Application Security Engineer, you will take on a dynamic and high impact role. You will... 
    Senior
    Home office
    Flexible hours

    ZipHQ, Inc.

    San Francisco, CA
    2 days ago
  • $130k - $218k

     ...MetaMask aims to create a thriving engineering organization that supports the...  ...cryptographic key manager and web3 application development platform. As this...  ...that we keep our users as safe and secure as possible. We are looking for a Senior Application Security Engineer to... 
    Senior
    Remote work
    Shift work

    ConsenSys

    New York, NY
    1 day ago
  •  ...against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed...  ..., or disability. Envision yourself at Barracuda As a Senior Application Security Engineer, you’ll help shape the future of our AppSec program.... 
    Senior
    Worldwide
    Flexible hours

    Barracuda Networks Inc

    Ann Arbor, MI
    3 days ago
  •  ...Senior Application Security Engineer Remote RegScale is a continuous controls monitoring (CCM) platform that helps organizations automate and scale their security, risk, and compliance programs. We are at an inflection point, transitioning from startup execution... 
    Senior
    Remote work
    All shifts
    Shift work

    RegScale

    United States
    5 days ago
  • $93.6k - $157.56k

     ...Overview As someone experienced with securing a wide variety of applications, you are looking for an opportunity to use your skills in an innovative...  ...technology-oriented environment. As an Application Security Engineer at Esri, you will fill a critical role in helping... 
    Senior

    Esri Canada

    Redlands, CA
    4 days ago
  • * 5–8+ years in Application Security, Product Security, or Secure Software Development.* Hands-on experience securing CI/CD pipelines and source...  ...and the ability to influence developers, DevOps engineers, and leadership.* Strong problem-solving skills with an automation... 
    Senior
    Local area

    Hewlett Packard Enterprise Development LP

    Durham, NC
    3 days ago
  •  ...As a member of the Application Security team, you will help prevent and mitigate vulnerabilities by collaborating with the rest of the organization...  ..., Git and similar. Responsibilities Manage the end-to-end engineering and integration of AI/ML-driven security solutions into our... 
    Senior
    Full time
    Temporary work
    Flexible hours

    Recurly

    Broomfield, CO
    4 days ago
  • $180k - $190k

     ...Branch is seeking an experienced Security professional to join our...  ...a background in securing applications, networks, cloud environments...  ...the SDLC by partnering with Engineering to implement secure design patterns...  ...engineering audiences and senior leadership Hands‑on SAST/... 
    Senior
    Remote work
    Home office
    Flexible hours

    Branch

    New York, NY
    1 day ago
  •  ...ServiceNow's leading workflow automation with Moveworks' Reasoning Engine and natural language capabilities, we deliver the AI...  ...everyone. The Role Are you interested in being part of Application Security efforts at Moveworks? Do you enjoy collaborating closely with... 
    Senior
    Work at office
    Remote work
    Flexible hours

    ServiceNow

    Mountain View, CA
    1 day ago
  •  ...ambition to build innovative technology that solves the next generation of engineering, manufacturing, and operational challenges for space security and sustainability. Your Mission As a Senior Application Security Engineer, you will be instrumental in implementing and... 
    Senior
    Permanent employment
    Shift work

    Dormont Manufacturing Company

    Denver, CO
    1 day ago
  • $97.1k - $161.8k

     ...Information Security Specialist Responsible for capturing and...  ...the areas of secure coding, application authentication, encryption,...  ...Develop and implement engineering's technical security policies...  ...Technology, and occasionally senior leaders within Cybersecurity... 
    Senior
    Work experience placement
    Remote work
    Worldwide

    M&T Bank

    United States
    3 days ago
  • $180k - $225k

     ...Summary Join our dynamic team as a Senior Application Security Engineer, where you’ll play a pivotal role in securing Temporal’s development pipeline, product, and customer execution environment. In this position, you’ll work closely with software engineering teams and... 
    Senior
    Temporary work
    Remote work
    Work from home
    Home office

    temporal

    New York, NY
    3 hours ago
  •  ...Senior Application Security Engineer Poland The Tripadvisor Group connects people to experiences worth sharing, and aims to be the world's most trusted source for travel and experiences. We leverage our brands, technology, and capabilities to connect our global... 
    Senior
    Permanent employment
    Contract work
    Remote work
    Worldwide
    Flexible hours

    TripAdvisor

    United States
    14 hours ago
  • $192k - $240k

     ...Senior Application Security Engineer Brex is the intelligent finance platform that enables companies to spend smarter and move faster in more than 200 markets. By combining global corporate cards and banking with intuitive spend management, bill pay, and travel software... 
    Senior
    Work experience placement
    Remote work

    Colorwave Inc

    United States
    14 hours ago
  • $157k - $216k

     ...investing in the next generation of our Application Security capability, a continuous, AI-augmented...  ...defense program built for a SaaS engineering organization where AI agents and human...  ...code side by side at high velocity. As a Senior AI Application Security Engineer, you... 
    Senior
    Contract work
    Local area
    Remote work

    AlphaSense, Inc.

    United States
    4 days ago
  • $146k - $175k

     ...Senior Application Security Engineer, AI & Product Security Artera is seeking a hands‑on Senior Application Security Engineer, AI & Product Security to work alongside our AI builders and Systems Engineers to threat‑model agentic and LLM‑powered features, harden PHI/PII... 
    Senior
    Temporary work
    Summer work
    Summer holiday
    Work at office
    Immediate start
    Flexible hours
    Shift work

    TenOneTen

    Seattle, WA
    2 days ago
  • Epsilon is seeking a Senior Application Security Engineer in Chicago, IL to enhance software application security. You will implement secure coding practices, perform security testing, and drive security architecture reviews. The ideal candidate has 10+ years of experience... 
    Senior

    UNAVAILABLE

    Chicago, IL
    9 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior Application Security Engineer. Be the first to apply!