Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Senior Application Security Engineer II

$180k - $205.5k
Full-time

Spring Health

Role Description

Spring Health is looking for a Senior Application Security Engineer II to join our growing Application Security team. Reporting to the Manager, Application Security, you will play a key role in maturing and expanding our AppSec programs — including established SAST, SCA, and DAST capabilities — while helping shape new initiatives such as a Secure AI Development Lifecycle (ADLC). You will work alongside a team of engineers who have laid a strong foundation, bringing your experience to help take these programs to the next level.

This is a full-time, fully remote position open to candidates residing within the United States. Occasional travel to our NYC headquarters may be required.

What you’ll do:

  • Contribute to the advancement of secure-by-design practices within the team’s S-SDLC program, including participation in architecture reviews, design consultations, and security guidance across the development lifecycle.
  • Mentor engineers on secure coding practices, AppSec fundamentals, and career growth, fostering a collaborative environment where the team grows stronger together.
  • Facilitate the development of an AI-assisted threat modeling program, spanning risk identification, security architecture, and proactive program maturity, enabling the ability to scale threat modeling across the organization.
  • Contribute to maturing the team’s established SAST, SCA, and DAST programs through rule tuning, coverage improvements, and identifying opportunities to strengthen security controls as the organization scales.
  • Perform security-focused code reviews of internal and open-source libraries, prioritizing findings by exploitability and business impact.
  • Support vulnerability remediation efforts by assessing impact, proposing solutions, and validating fixes in accordance with the team’s established remediation workflows.
  • Identify and implement process improvements and security automation using languages such as Go, Python, JavaScript, or Ruby, including the integration of AI tooling to improve team workflows and program efficiency.
  • Contribute to security assessments of AI-integrated product features, including LLM APIs, vector databases, and RAG pipelines, with a focus on risks such as prompt injection, data leakage, and model supply-chain vulnerabilities.
  • Contribute to the research, design, and development of a Secure AI Development Lifecycle (ADLC) in accordance with the OWASP Top 10 for LLM Applications and emerging adversarial ML guidance.
  • Evaluate and recommend AI-assisted security tooling, including AI-augmented SAST and LLM-powered code review, to improve program coverage and team efficiency.

What success looks like:

  • Demonstrated improvements to the team’s SAST, SCA, and DAST programs through rule tuning, noise reduction, and coverage expansion within the first 90 days.
  • Delivery of a documented AI-assisted threat modeling program and foundational ADLC framework, including defined processes, tooling recommendations, and adoption milestones.
  • Consistent adherence to team SLAs for vulnerability triage and remediation, with measurable contributions to reducing time-to-remediation for high and critical findings.
  • Delivered security automation and AI tooling integrations that produce measurable improvements to program efficiency or engineering team experience.
  • Completed security assessments of AI-integrated product features with documented findings, risk ratings, and remediation guidance delivered to engineering teams.

Qualifications

  • 7+ years of professional experience in application security or a closely related security engineering discipline, including experience working on complex, ambiguous problem areas independently.
  • Hands-on experience with DAST, SAST, and SCA tools, and manual testing techniques (OWASP, SANS Top 25).
  • Demonstrated experience securing CI/CD pipelines with commercial and custom-built tooling.
  • Experience with IaaS cloud infrastructure (AWS, Azure, or GCP), container technologies, and service-oriented architectures.
  • Security automation experience in at least one of: Go, Python, JavaScript, or Ruby.
  • Familiarity with AI/ML security concepts — prompt injection, adversarial inputs, model supply-chain risks, and the OWASP LLM Top 10.
  • Working knowledge of AI and LLM tooling (e.g., OpenAI, Anthropic, LangChain, or equivalent) sufficient to assess security risk and integrate into automated workflows.
  • Experience implementing controls aligned to NIST CSF, HIPAA, HITRUST, ISO-27001, or SOC-2.
  • Strong cross-functional collaboration skills, with experience working alongside engineering, product, and leadership stakeholders to define and advance security priorities and plans.
  • Bachelor’s degree in Computer Science, Engineering, MIS, IT, or equivalent work experience.

Nice to have:

  • 3+ years of demonstrated experience in security architecture, including designing and reviewing security controls across cloud-based, distributed, or service-oriented systems.
  • Experience leading or contributing to the development of a formal threat modeling program, including tooling selection, methodology design, and adoption across engineering teams.
  • Hands-on experience evaluating or implementing AI security tooling, including AI-augmented testing, LLM security assessments, or automated risk analysis.
  • Experience managing a bug bounty or vulnerability disclosure program.
  • Experience in digital health, healthcare technology, or other HIPAA-regulated environments.

Benefits

  • Health, Dental, Vision benefits start on your first day at Spring.
  • Employer sponsored 401(k) match of up to 2% for retirement planning.
  • A yearly allotment of no cost visits to the Spring Health network of therapists, coaches, and medication management providers for you and your dependents.
  • Competitive paid time off policies including vacation, sick leave and company holidays.
  • At 6 months tenure with Spring, parental leave of 18 weeks for birthing parents and 16 weeks for non-birthing parents.
  • Access to Noom, a weight management program tailored to your unique needs and goals.
  • Access to fertility care support through Carrot, in addition to $4,000 reimbursement for related fertility expenses.
  • Access to Wellhub, which connects employees to the best options for fitness, mindfulness, nutrition, and sleep in one subscription.
  • Access to BrightHorizons, which provides sponsored child care, back-up care, and elder care.
  • Up to $1,000 Professional Development Reimbursement a year.
  • $200 per year donation matching to support your favorite causes.
Vacancy posted 14 hours ago
Similar jobs that could be interesting for youBased on the Senior Application Security Engineer II in Remote vacancy
  • $117.6k - $176.4k

    Sr. Application Engineer II The Protection, Controls & Automation (PCA) group of Digital Power is the engineering entity of Schneider Electric NAM that specializes in developing solutions for control and protection for electrical substations, data centers, oil & gas, and... 
    Senior
    Temporary work
    Work at office
    Remote work

    Schneider Electric

    Chicago, IL
    1 day ago
  •  ...A consulting company is looking to bring on a hands on a Senior Application Security Engineer to work with clients on new development. You'll perform code reviews, conduct SAST/DAST/SCA scans, identify vulnerabilities in software, and interact with their clients on a... 
    Senior
    Full time
    Remote work

    Motion Recruitment

    United States
    3 days ago
  •  ...Senior Application Security Engineer - Moveworks Are you interested in being part of Application Security efforts at Moveworks? Do you enjoy collaborating closely with engineers to develop secure solutions from the ground up and ensure they remain robust over time?... 
    Senior
    Remote work

    ServiceNow

    United States
    3 days ago
  • $140k - $200k

     ...wide range of simple, reliable, and secure crypto products and services to...  ...reach, and impact. The Department: Application Security Gemini operates at the...  ...and too expensive. The Role: Senior Application Security Engineer As a Senior Application Security... 
    Senior
    Work at office
    Remote work
    Flexible hours

    Gemini

    United States
    3 days ago
  • $192k - $240k

     ...Senior Application Security Engineer Brex is the intelligent finance platform that enables companies to spend smarter and move faster in more than 200 markets. By combining global corporate cards and banking with intuitive spend management, bill pay, and travel software... 
    Senior
    Work experience placement
    Remote work

    Colorwave Inc

    United States
    4 days ago
  •  ...Senior Application Security Engineer Amerisure creates exceptional value for its partners, policyholders, and employees. As a property and casualty insurance company, Amerisure's promise to our partner agencies and policyholders begins with a comprehensive line of... 
    Senior
    Local area
    Remote work
    Flexible hours

    Amerisure

    Farmington Hills, MI
    1 day ago
  •  ...Senior Application Security Engineer Want to work on building out security from the ground up at the leading edge of AI in healthcare globally? We're looking for a very experienced and highly motivated Senior Application Security Engineer to join our team as one of... 
    Senior
    Hourly pay
    Full time
    Remote work
    Flexible hours

    Abridge

    New York, NY
    15 hours ago
  • $325k - $405k

    A leading AI research firm in San Francisco is seeking a Security Engineer for Application Security. The role involves identifying and mitigating security vulnerabilities, conducting assessments, and developing security tools. Ideal candidates will have extensive experience... 
    Senior
    Remote job

    Jobleads-US

    San Francisco, CA
    2 days ago
  • $5,250 per month

     ...a dynamic, technology-driven B2B payments organization that values collaboration, creativity, and excellence. As a Senior Application Security Engineer you will help ensure the security and integrity of our applications, systems, and data by identifying and driving remediations... 
    Senior
    16 hours
    Full time
    Temporary work
    Local area
    Remote work

    AvidXchange

    Charlotte, NC
    4 hours ago
  • Blue Cross and Blue Shield of Nebraska seeks a Senior Application Security Engineer to lead technical efforts in ensuring secure application development. The successful candidate will implement secure software practices and collaborate with various teams to enhance security... 
    Senior
    Remote job
    Work at office
    1 day per week

    Role, Inc.

    Omaha, NE
    1 day ago
  • We are seeking a Sr. Application Security or DevSecOps Engineer with broad set of experiences to have an early and formative impact in many areas of the ZetaChain security program. The ideal candidate will be responsible for ensuring the security of our applications throughout... 
    Senior
    Remote job
    Contract work
    Flexible hours

    Zetachain

    San Francisco, CA
    3 days ago
  • $60 - $62 per hour

     ...experience — talk with your recruiter to learn more. Base pay range $60.00/hr - $62.00/hr Hello We are looking for Senior Application Security Engineers Locations: Hybrid Roles in Charlotte, NC, Westlake, TX, Chandler, AZ and Minneapolis, MN - 3 days Onsite and 2 days... 
    Senior
    Contract work
    H1b
    Remote work

    Motion Recruitment

    Chandler, AZ
    1 day ago
  • $77.24k - $130.49k

     ...areas of product selection and application. Develop and communicate...  ...Should Have As An Application Engineer I 0‑2 years of relevant work...  ...Have As An Application Engineer II 3‑5 years of relevant work experience...  ...& Family Support Financial Security Learning & Development... 
    Senior
    Work experience placement
    Work at office
    Worldwide

    Greenheck

    Schofield, WI
    3 hours ago
  • $180k - $220k

    Senior Application Security Engineer, AI and Machine Learning San Francisco, California, United States; Seattle, Washington, United States Who We Are Lightning AI is the company behind PyTorch Lightning. Founded in 2019, we build an end‑to‑end platform for developing,... 
    Senior
    Work at office
    Work from home
    Flexible hours
    2 days per week

    Lightning-Ai

    San Francisco, CA
    1 day ago
  • $190k - $273k

    Role Description The Senior Application Security Engineer II is a senior individual contributor responsible for strengthening Apollo’s secure software development lifecycle and reducing application risk across product, platform, and AI-powered features. This role blends... 
    Senior
    Full time
    Flexible hours

    Apollo.io

    Remote
    7 days ago
  •  ...leading tech company in Plano, TX is seeking an experienced Application Security Analyst to enhance security within DevOps practices. This...  ...candidate has over 8 years of experience in DevOps and security engineering, holds a degree in Computer Science or Cybersecurity, and... 
    Senior
    Remote work

    IVID TEK INC

    Plano, TX
    1 day ago
  • $146k - $175k

    About the Opportunity Artera is seeking a hands‑on Senior Application Security Engineer, AI & Product Security to work alongside our AI builders and Systems Engineers to threat‑model agentic and LLM‑powered features, harden PHI/PII‑handling workflows, and ship the “paved... 
    Senior
    Full time
    Temporary work
    Summer holiday
    Work at office
    Immediate start
    Remote work
    Flexible hours
    Shift work

    Artera

    Seattle, WA
    1 day ago
  • $220k - $270k

    Application Security Engineer - Staff 2 Primary Locations: Hybrid - 3 days in office in either Atlanta, GA or Mountain View, CA. Remote candidates...  ...meet all qualifications. What is the opportunity? This is a senior, hands‑on technical leadership role on our Product... 
    Temporary work
    Work at office
    Remote work
    Visa sponsorship
    Shift work
    3 days per week

    Omnissa

    Atlanta, GA
    1 day ago
  • $156.9k - $229.7k

     ...connect more cities and people to exceptional internet. The application window will be open until at least July 19th, 2026....  ...for immigration sponsorship. Role Description As a Senior Application Security Engineer, you will be a core technical advisor for securing GFiber... 
    Senior
    Full time

    GFiber

    United States
    1 day ago
  • $145k - $162k

    Role Description The Senior Application Engineer II is responsible for developing a wide range of Ignition applications and solutions. They will develop smaller applications and solutions independently, and contribute to larger team projects as well. The Senior Application... 
    Senior
    Full time

    Inductive Automation LLC

    Remote
    6 days ago
  •  ...Our reach is global, with headquarters in Denver, Colorado, and offices across the U.S., Canada, and India. The Senior Application Security Engineer is responsible for advancing application, product, cloud, API, identity, and AI security across Vertafore's software... 
    Senior
    Contract work
    Temporary work
    Work at office
    Remote work
    Work from home
    Flexible hours

    Vertafore

    Denver, CO
    1 day ago
  •  ...opportunities and the support you need to build a meaningful career and make a powerful impact in our community. The Senior Application Security Engineer will serve as a technical leader and owner of company application security capabilities. This role is responsible... 
    Senior
    Work at office
    Remote work
    Shift work
    1 day per week

    Role, Inc.

    Omaha, NE
    1 day ago
  • $192k - $240k

    Role Description As a Senior Application Security Engineer, you will focus on finding and responding to security vulnerabilities across the Brex platform. In this role, you will: ~Perform code reviews, design reviews, penetration testing, and vulnerability management... 
    Senior
    Full time
    Work experience placement

    Brex

    Remote
    7 days ago
  • Role Description As a Senior Application Security Engineer, you’ll help shape the future of our AppSec program. You’ll work effectively and efficiently in a small, high-impact team, bringing a sense of ownership and community. You’ll have the opportunity to learn quickly... 
    Senior
    Full time
    Flexible hours

    Barracuda Networks Inc.

    Remote
    15 hours ago
  • Role Description GuidePoint Security offers an inclusive set of Application Security services helping clients implement, fine tune and run their Application Security SAST, DAST and SCA tools. Many clients need assistance with either supplementing their Application Security... 
    Senior
    Full time
    Remote work
    Flexible hours

    GuidePoint Security

    Remote
    5 days ago
  •  ...distribute products. Our strength is our people and we’re always looking to strengthen our team across the globe. Join us as an Applications Engineer II/III , supporting our Nashville Division. Location Type: This position can be remote-hybrid, or onsite. How You’ll Make An... 
    Work experience placement
    Remote work
    Worldwide

    JR Automation

    Nashville, TN
    3 hours ago
  • $157k - $216k

     ...investing in the next generation of our Application Security capability, a continuous, AI-augmented...  ...defense program built for a SaaS engineering organization where AI agents and human...  ...code side by side at high velocity. As a Senior AI Application Security Engineer, you... 
    Senior
    Full time
    Remote work

    AlphaSense

    Remote
    15 hours ago
  • $180k - $215k

    Role Description Monarch is seeking a Senior Application Security Engineer to join our Security Engineering team during a period of rapid growth. Reporting to the Head of Engineering Infrastructure, you will be a hands-on practitioner embedded across our product and engineering... 
    Senior
    Full time
    Work at office
    Remote work
    Weekend work

    Monarch Money

    Remote
    5 days ago
  • $97.1k - $161.8k

     ...for capturing and refining information security requirements and ensures their integration...  ...in the areas of secure coding, application authentication, encryption, and quickly...  ...areas as needed. ~Develop and implement engineering’s technical security policies and procedures... 
    Senior
    Full time
    Work experience placement
    Worldwide

    M&T Bank

    Remote
    1 day ago
  • $95.3k - $158.8k

     ...role on site in the Raleigh N.C. office 2-3 days a week. Senior Security Engineer II - Compliance Automation & Controls About Us...  ...accommodation or adjustment, please let us know by completing our Applicant Request Support Form or please contact (***) ***-****.... 
    Senior
    Work at office
    Local area
    Remote work
    Flexible hours
    2 days per week
    3 days per week

    LexisNexis

    Raleigh, NC
    16 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Senior Application Security Engineer II. Be the first to apply!