Senior Application Security Engineer II
$180k - $205.5kSpring Health
Role Description
Spring Health is looking for a Senior Application Security Engineer II to join our growing Application Security team. Reporting to the Manager, Application Security, you will play a key role in maturing and expanding our AppSec programs — including established SAST, SCA, and DAST capabilities — while helping shape new initiatives such as a Secure AI Development Lifecycle (ADLC). You will work alongside a team of engineers who have laid a strong foundation, bringing your experience to help take these programs to the next level.
This is a full-time, fully remote position open to candidates residing within the United States. Occasional travel to our NYC headquarters may be required.
What you’ll do:
- Contribute to the advancement of secure-by-design practices within the team’s S-SDLC program, including participation in architecture reviews, design consultations, and security guidance across the development lifecycle.
- Mentor engineers on secure coding practices, AppSec fundamentals, and career growth, fostering a collaborative environment where the team grows stronger together.
- Facilitate the development of an AI-assisted threat modeling program, spanning risk identification, security architecture, and proactive program maturity, enabling the ability to scale threat modeling across the organization.
- Contribute to maturing the team’s established SAST, SCA, and DAST programs through rule tuning, coverage improvements, and identifying opportunities to strengthen security controls as the organization scales.
- Perform security-focused code reviews of internal and open-source libraries, prioritizing findings by exploitability and business impact.
- Support vulnerability remediation efforts by assessing impact, proposing solutions, and validating fixes in accordance with the team’s established remediation workflows.
- Identify and implement process improvements and security automation using languages such as Go, Python, JavaScript, or Ruby, including the integration of AI tooling to improve team workflows and program efficiency.
- Contribute to security assessments of AI-integrated product features, including LLM APIs, vector databases, and RAG pipelines, with a focus on risks such as prompt injection, data leakage, and model supply-chain vulnerabilities.
- Contribute to the research, design, and development of a Secure AI Development Lifecycle (ADLC) in accordance with the OWASP Top 10 for LLM Applications and emerging adversarial ML guidance.
- Evaluate and recommend AI-assisted security tooling, including AI-augmented SAST and LLM-powered code review, to improve program coverage and team efficiency.
What success looks like:
- Demonstrated improvements to the team’s SAST, SCA, and DAST programs through rule tuning, noise reduction, and coverage expansion within the first 90 days.
- Delivery of a documented AI-assisted threat modeling program and foundational ADLC framework, including defined processes, tooling recommendations, and adoption milestones.
- Consistent adherence to team SLAs for vulnerability triage and remediation, with measurable contributions to reducing time-to-remediation for high and critical findings.
- Delivered security automation and AI tooling integrations that produce measurable improvements to program efficiency or engineering team experience.
- Completed security assessments of AI-integrated product features with documented findings, risk ratings, and remediation guidance delivered to engineering teams.
Qualifications
- 7+ years of professional experience in application security or a closely related security engineering discipline, including experience working on complex, ambiguous problem areas independently.
- Hands-on experience with DAST, SAST, and SCA tools, and manual testing techniques (OWASP, SANS Top 25).
- Demonstrated experience securing CI/CD pipelines with commercial and custom-built tooling.
- Experience with IaaS cloud infrastructure (AWS, Azure, or GCP), container technologies, and service-oriented architectures.
- Security automation experience in at least one of: Go, Python, JavaScript, or Ruby.
- Familiarity with AI/ML security concepts — prompt injection, adversarial inputs, model supply-chain risks, and the OWASP LLM Top 10.
- Working knowledge of AI and LLM tooling (e.g., OpenAI, Anthropic, LangChain, or equivalent) sufficient to assess security risk and integrate into automated workflows.
- Experience implementing controls aligned to NIST CSF, HIPAA, HITRUST, ISO-27001, or SOC-2.
- Strong cross-functional collaboration skills, with experience working alongside engineering, product, and leadership stakeholders to define and advance security priorities and plans.
- Bachelor’s degree in Computer Science, Engineering, MIS, IT, or equivalent work experience.
Nice to have:
- 3+ years of demonstrated experience in security architecture, including designing and reviewing security controls across cloud-based, distributed, or service-oriented systems.
- Experience leading or contributing to the development of a formal threat modeling program, including tooling selection, methodology design, and adoption across engineering teams.
- Hands-on experience evaluating or implementing AI security tooling, including AI-augmented testing, LLM security assessments, or automated risk analysis.
- Experience managing a bug bounty or vulnerability disclosure program.
- Experience in digital health, healthcare technology, or other HIPAA-regulated environments.
Benefits
- Health, Dental, Vision benefits start on your first day at Spring.
- Employer sponsored 401(k) match of up to 2% for retirement planning.
- A yearly allotment of no cost visits to the Spring Health network of therapists, coaches, and medication management providers for you and your dependents.
- Competitive paid time off policies including vacation, sick leave and company holidays.
- At 6 months tenure with Spring, parental leave of 18 weeks for birthing parents and 16 weeks for non-birthing parents.
- Access to Noom, a weight management program tailored to your unique needs and goals.
- Access to fertility care support through Carrot, in addition to $4,000 reimbursement for related fertility expenses.
- Access to Wellhub, which connects employees to the best options for fitness, mindfulness, nutrition, and sleep in one subscription.
- Access to BrightHorizons, which provides sponsored child care, back-up care, and elder care.
- Up to $1,000 Professional Development Reimbursement a year.
- $200 per year donation matching to support your favorite causes.
$117.6k - $176.4k
Sr. Application Engineer II The Protection, Controls & Automation (PCA) group of Digital Power is the engineering entity of Schneider Electric NAM that specializes in developing solutions for control and protection for electrical substations, data centers, oil & gas, and...SeniorTemporary workWork at officeRemote work- ...A consulting company is looking to bring on a hands on a Senior Application Security Engineer to work with clients on new development. You'll perform code reviews, conduct SAST/DAST/SCA scans, identify vulnerabilities in software, and interact with their clients on a...SeniorFull timeRemote work
- ...Senior Application Security Engineer - Moveworks Are you interested in being part of Application Security efforts at Moveworks? Do you enjoy collaborating closely with engineers to develop secure solutions from the ground up and ensure they remain robust over time?...SeniorRemote work
$140k - $200k
...wide range of simple, reliable, and secure crypto products and services to... ...reach, and impact. The Department: Application Security Gemini operates at the... ...and too expensive. The Role: Senior Application Security Engineer As a Senior Application Security...SeniorWork at officeRemote workFlexible hours$192k - $240k
...Senior Application Security Engineer Brex is the intelligent finance platform that enables companies to spend smarter and move faster in more than 200 markets. By combining global corporate cards and banking with intuitive spend management, bill pay, and travel software...SeniorWork experience placementRemote work- ...Senior Application Security Engineer Amerisure creates exceptional value for its partners, policyholders, and employees. As a property and casualty insurance company, Amerisure's promise to our partner agencies and policyholders begins with a comprehensive line of...SeniorLocal areaRemote workFlexible hours
- ...Senior Application Security Engineer Want to work on building out security from the ground up at the leading edge of AI in healthcare globally? We're looking for a very experienced and highly motivated Senior Application Security Engineer to join our team as one of...SeniorHourly payFull timeRemote workFlexible hours
$325k - $405k
A leading AI research firm in San Francisco is seeking a Security Engineer for Application Security. The role involves identifying and mitigating security vulnerabilities, conducting assessments, and developing security tools. Ideal candidates will have extensive experience...SeniorRemote job$5,250 per month
...a dynamic, technology-driven B2B payments organization that values collaboration, creativity, and excellence. As a Senior Application Security Engineer you will help ensure the security and integrity of our applications, systems, and data by identifying and driving remediations...Senior16 hoursFull timeTemporary workLocal areaRemote work- Blue Cross and Blue Shield of Nebraska seeks a Senior Application Security Engineer to lead technical efforts in ensuring secure application development. The successful candidate will implement secure software practices and collaborate with various teams to enhance security...SeniorRemote jobWork at office1 day per week
- We are seeking a Sr. Application Security or DevSecOps Engineer with broad set of experiences to have an early and formative impact in many areas of the ZetaChain security program. The ideal candidate will be responsible for ensuring the security of our applications throughout...SeniorRemote jobContract workFlexible hours
$60 - $62 per hour
...experience — talk with your recruiter to learn more. Base pay range $60.00/hr - $62.00/hr Hello We are looking for Senior Application Security Engineers Locations: Hybrid Roles in Charlotte, NC, Westlake, TX, Chandler, AZ and Minneapolis, MN - 3 days Onsite and 2 days...SeniorContract workH1bRemote work$77.24k - $130.49k
...areas of product selection and application. Develop and communicate... ...Should Have As An Application Engineer I 0‑2 years of relevant work... ...Have As An Application Engineer II 3‑5 years of relevant work experience... ...& Family Support Financial Security Learning & Development...SeniorWork experience placementWork at officeWorldwide$180k - $220k
Senior Application Security Engineer, AI and Machine Learning San Francisco, California, United States; Seattle, Washington, United States Who We Are Lightning AI is the company behind PyTorch Lightning. Founded in 2019, we build an end‑to‑end platform for developing,...SeniorWork at officeWork from homeFlexible hours2 days per week$190k - $273k
Role Description The Senior Application Security Engineer II is a senior individual contributor responsible for strengthening Apollo’s secure software development lifecycle and reducing application risk across product, platform, and AI-powered features. This role blends...SeniorFull timeFlexible hours- ...leading tech company in Plano, TX is seeking an experienced Application Security Analyst to enhance security within DevOps practices. This... ...candidate has over 8 years of experience in DevOps and security engineering, holds a degree in Computer Science or Cybersecurity, and...SeniorRemote work
$146k - $175k
About the Opportunity Artera is seeking a hands‑on Senior Application Security Engineer, AI & Product Security to work alongside our AI builders and Systems Engineers to threat‑model agentic and LLM‑powered features, harden PHI/PII‑handling workflows, and ship the “paved...SeniorFull timeTemporary workSummer holidayWork at officeImmediate startRemote workFlexible hoursShift work$220k - $270k
Application Security Engineer - Staff 2 Primary Locations: Hybrid - 3 days in office in either Atlanta, GA or Mountain View, CA. Remote candidates... ...meet all qualifications. What is the opportunity? This is a senior, hands‑on technical leadership role on our Product...Temporary workWork at officeRemote workVisa sponsorshipShift work3 days per week$156.9k - $229.7k
...connect more cities and people to exceptional internet. The application window will be open until at least July 19th, 2026.... ...for immigration sponsorship. Role Description As a Senior Application Security Engineer, you will be a core technical advisor for securing GFiber...SeniorFull time$145k - $162k
Role Description The Senior Application Engineer II is responsible for developing a wide range of Ignition applications and solutions. They will develop smaller applications and solutions independently, and contribute to larger team projects as well. The Senior Application...SeniorFull time- ...Our reach is global, with headquarters in Denver, Colorado, and offices across the U.S., Canada, and India. The Senior Application Security Engineer is responsible for advancing application, product, cloud, API, identity, and AI security across Vertafore's software...SeniorContract workTemporary workWork at officeRemote workWork from homeFlexible hours
- ...opportunities and the support you need to build a meaningful career and make a powerful impact in our community. The Senior Application Security Engineer will serve as a technical leader and owner of company application security capabilities. This role is responsible...SeniorWork at officeRemote workShift work1 day per week
$192k - $240k
Role Description As a Senior Application Security Engineer, you will focus on finding and responding to security vulnerabilities across the Brex platform. In this role, you will: ~Perform code reviews, design reviews, penetration testing, and vulnerability management...SeniorFull timeWork experience placement- Role Description As a Senior Application Security Engineer, you’ll help shape the future of our AppSec program. You’ll work effectively and efficiently in a small, high-impact team, bringing a sense of ownership and community. You’ll have the opportunity to learn quickly...SeniorFull timeFlexible hours
- Role Description GuidePoint Security offers an inclusive set of Application Security services helping clients implement, fine tune and run their Application Security SAST, DAST and SCA tools. Many clients need assistance with either supplementing their Application Security...SeniorFull timeRemote workFlexible hours
- ...distribute products. Our strength is our people and we’re always looking to strengthen our team across the globe. Join us as an Applications Engineer II/III , supporting our Nashville Division. Location Type: This position can be remote-hybrid, or onsite. How You’ll Make An...Work experience placementRemote workWorldwide
$157k - $216k
...investing in the next generation of our Application Security capability, a continuous, AI-augmented... ...defense program built for a SaaS engineering organization where AI agents and human... ...code side by side at high velocity. As a Senior AI Application Security Engineer, you...SeniorFull timeRemote work$180k - $215k
Role Description Monarch is seeking a Senior Application Security Engineer to join our Security Engineering team during a period of rapid growth. Reporting to the Head of Engineering Infrastructure, you will be a hands-on practitioner embedded across our product and engineering...SeniorFull timeWork at officeRemote workWeekend work$97.1k - $161.8k
...for capturing and refining information security requirements and ensures their integration... ...in the areas of secure coding, application authentication, encryption, and quickly... ...areas as needed. ~Develop and implement engineering’s technical security policies and procedures...SeniorFull timeWork experience placementWorldwide$95.3k - $158.8k
...role on site in the Raleigh N.C. office 2-3 days a week. Senior Security Engineer II - Compliance Automation & Controls About Us... ...accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact (***) ***-****....SeniorWork at officeLocal areaRemote workFlexible hours2 days per week3 days per week
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Senior Application Security Engineer II. Be the first to apply!
- senior application support engineer Remote
- application performance engineer Remote
- application support engineer Remote
- network applications engineer Remote
- field applications engineer Remote
- application security engineer Remote
- senior application security engineer Remote
- technical application engineer Remote
- application engineer Remote
- project application engineer Remote






