Application Security Engineer
$180k - $250kFull-time
Polymarket
About Polymarket
Polymarket is the world's largest prediction market platform. We enable individuals to express views on real-world events by trading on outcomes across politics, economics, sports, culture, and current affairs. Built as a peer-to-peer marketplace with no centralized "house," Polymarket aggregates diverse opinions into transparent, market-based probabilities that reflect collective expectations about the future.
We're growing fast — both in terms of volume ($21B traded in 2025) and adoption as an alternative news source. Our ambition is to become a ubiquitous beacon of truth in global media and we need your help adding fuel to the fire.
About the Role
Polymarket is looking for an Application Security Engineer to embed security throughout our software development lifecycle. You'll partner directly with product and engineering teams to identify and fix vulnerabilities before they reach production, own the tooling and processes that make secure development the default, and lead hands-on security assessments of our externally-facing platform.
This is a high-ownership role at a company where engineering moves fast — the right candidate knows how to raise the security bar without becoming a bottleneck.
What You'll Do
- Own the application security program across the SDLC — from design review through deployment — ensuring security is addressed early and consistently
- Conduct threat modeling on new features and architectural changes; perform security design reviews and code reviews on high-risk changes with specific, actionable findings
- Own the SAST, DAST, and SCA toolchain — selection, deployment, tuning, and CI/CD integration so findings surface at commit time, not post-deployment
- Triage and prioritize automated scanner output, delivering a risk-ranked backlog rather than raw tool output to engineering teams
- Conduct manual penetration testing and security assessments of web applications, APIs, and internal services — with particular focus on authentication, authorization, and financial transaction flows
- Manage the external penetration testing program and own the bug bounty program end-to-end: triage, severity calibration, researcher communication, and payout coordination
- Track and drive remediation of application-layer vulnerabilities across the product portfolio; monitor CVEs and escalate exploitable issues requiring immediate action
- Develop and maintain secure coding guidelines and developer-facing security education tailored to the team's stack and threat model
What We're Looking For
- 3+ years of hands-on application security experience — penetration testing, secure code review, or a dedicated AppSec engineering role
- Strong proficiency identifying and exploiting OWASP Top 10 vulnerabilities; experience assessing modern web applications and API architectures
- Experience deploying and operating SAST, DAST, and SCA tooling (Semgrep, Snyk, Burp Suite, or equivalent)
- Ability to read and write code in at least one common backend language (Python, Go, TypeScript, or similar) to conduct meaningful code review
- Experience conducting or managing penetration tests against web applications and REST/GraphQL APIs
- Solid understanding of authentication and authorization patterns: OAuth 2.0, JWT, session management, RBAC, and common weaknesses in each
- Clear written communication — able to write findings that developers actually read and act on
- (Plus) Experience with a bug bounty platform (HackerOne, Bugcrowd, or equivalent) as an operator
- (Plus) Familiarity with smart contract security, blockchain transaction flows, or Web3 threat models
- (Plus) Experience securing financial transaction systems — payment flows, fraud vectors, double-spend risks
- (Plus) Security certifications: OSCP, GWAPT, GWEB, or equivalent
- (Plus) Exposure to AWS application-layer security services: WAF, API Gateway, Cognito, Shield
- (Plus) Prior experience building or scaling a security champions program inside an engineering organization
Benefits
- Competitive salary & equity
- Unlimited PTO
- Full Health, Vision, & Dental coverage
- 401k match
- Hardware setup: new MacBook Pro, big display, & accessories
Vacancy posted 15 days ago
Similar jobs that could be interesting for youBased on the Application Security Engineer in New York, NY vacancy
- ...Senior Security Engineer – Secure Code Review New York, NY On-site | Full-Time My client is seeking a Senior Security Engineer to join their Application Security practice. This role is ideal for a hands-on AppSec professional with a strong software development...SuggestedFull time
AGS
New York, NY4 hours ago - **We believe talent deserves a human touch. Your application will be read by an actual person who’s excited to discover the real you.****Application Security Engineer**Location: Remote (United States) | Employment Type: Full-Time**About the Role**We are looking for an Application...SuggestedFull timeRemote work
New Charter Technologies, Llc
New York, NY4 days ago $215k - $230k
...A leading blockchain intelligence firm is looking for an Application Security Engineer to secure mission-critical infrastructure. The role involves leading security reviews, developing testing methodologies, and managing vulnerability assessment processes. Candidates should...SuggestedCrypto Pro Network
New York, NY4 days ago- ...A leading web platform company is seeking a Senior Application Security Engineer to enhance their secure development practices. This remote role involves collaborating with engineering teams, identifying security vulnerabilities, and leading security initiatives. Candidates...SuggestedRemote work
Webflow
New York, NY4 days ago $320k - $405k
...whole. Our team is a quickly growing group of committed researchers, engineers, policy experts, and business leaders working together to build beneficial AI systems. About the role: The Application Security team is at the forefront of building security into every phase of...SuggestedContract workFor contractorsFor subcontractorWork at officeRemote workRelocationVisa sponsorshipWork visaFlexible hoursShift workAnthropic
New York, NY2 days ago- ...Perform expert-level secure code reviews focusing on OWASP Top 10 and CWE vulnerability... .... Identify, triage, and remediate application-layer vulnerabilities, including broken... ...strong relevant experience in software engineering or security operations with a focus on...Remote work
Crossing Hurdles
New York, NY4 days ago $130k - $218k
...A leading blockchain company is seeking a Senior Application Security Engineer to join their growing security team. The role involves embedding security throughout the software development lifecycle for MetaMask products, ensuring they meet high-security standards. Applicants...Remote workConsenSys
New York, NY4 days ago- ...APPLY! At Scroll, we operate on the bleeding edge of a fast-moving frontier of zk technology, research and innovation. The Application Security Engineer will be responsible for improving the zkEVM-based zkRollup security, ensuring that Scroll is one of the safest Layer 2’s...Work at officeRemote workHome officeFlexible hours
Blockchain Works
New York, NY4 days ago $128k - $181.25k
...capture moments that reflect who they uniquely are. This is an exciting time for Shutterfly and we are looking for a Senior Application Security Engineer to join our team! In this position you will be an integral part of a developing and expanding Application Security...Remote workShutterfly
New York, NY4 days ago$158k - $238k
...more performant digital experiences, and scale without heavy engineering support. From independent designers and creative agencies... ...power what’s possible on the web. We’re looking for a Senior Application Security Engineer to help us level up Webflow’s secure development...Permanent employmentFull timeTemporary workFixed term contractLocal areaRemote workFlexible hoursWebflow
New York, NY4 days ago- ...users (and help the developers behind them get paid), you’ll fit right in. The role: We are looking for a Senior, proactive Application Security Engineer to work closely with engineering teams, PMs and external parties to ensure that RevenueCat's products are secure....Remote work
RevenueCat
New York, NY4 days ago $40 per hour
...train AI models. In this role, you will evaluate AI-generated security content, solve technical cybersecurity problems, and provide feedback... ...testing, red teaming, incident response, detection engineering, DFIR, malware analysis, threat intelligence, or similar) Some...Hourly payFull timePart timeRemote workDataAnnotation
Brooklyn, NY1 day ago$220k - $350k
...Senior Application Security Engineer [Remote-US] remote To help keep everyone safe, we encourage all applicants to pay close attention to protect themselves during their job search. When applying for a position online you are at risk of being targeted by malicious actors...Extra incomeLocal areaRemote workWork from homeHome officeQuanata
New York, NY4 days ago- ...Application Security Engineer Brooklyn, NY Hybrid: 3 days onsite. One-year contract with the possibility of extension. Position Overview The Application Security Engineer is embedded within the Application Development team and ensures security is integrated...Contract work
Suncap Technology
Brooklyn, NY2 days ago $135k - $200k
...defense, intelligence, and commercial applications. We are trusted by our customers to protect... .... The mission of the Application Security Team is to enable developers to be highly... ...important. As an Application Security Engineer, you will be hands-on and have wide-...Work experience placementWork at officeRemote workWork from homeRelocation packagePalantir Technologies
New York, NY3 days ago- ...seeking a professional to be an integral component of the application security program end-to-end - from discovery and inventory of business... ...in application security, product security, or security engineering, with at least 3 years in environments with multiple independent...Work experience placementImmediate start
Artech
New York, NY1 day ago - ...Application Security Engineer - Vulnerability Operations (Mid-Level) Position: Contract Location: NJ/TX/NC Duration: 12+ months Job description: Required Qualifications & Skills: ~ Bachelor's degree in Computer Science,...Contract work
Lorven Technologies
Jersey City, NJ1 day ago - ...beacon of truth in global media and we need your help adding fuel to the fire. About the Role Polymarket is looking for an Application Security Engineer to embed security throughout our software development lifecycle. You'll partner directly with product and engineering...Contract workImmediate start
Polymarket
New York, NY5 days ago - ...Because at Valence, the work worth doing is the kind that redefines work itself. The Role We are seeking a seasoned Application Security Engineer to help us secure our products and platform that serve our Fortune 500 customers. In this pivotal role, you will be...Full timeFreelanceWork from home
Valence
New York, NY3 days ago - ...Application Security Engineer Must work on-site NYC Must have leadership skills to work independently Must have excellent verbal and communication skills Must be vetted by you before presenting them to us We are looking for engineers that have multiple skills...
Suncap Technology
New York, NY3 days ago - ...Application Security Engineer Application Security Engineer with DAST & SAST experience with scripting knowledge (JS, Python) Conducting Static Application Security Testing (SAST) using industry-leading tools such as Checkmarx, Veracode, and Fortify. Collaborating...
Syntricate Technologies
Jersey City, NJ3 days ago $80 - $85 per hour
...identifying and prioritizing risks specifically related to application security. ? Develop, socialize, and implement security strategies... ...control Requirements Senior Application Security Engineer Mandatory Skills/Experience • 12 years of...Contract workFlexible hoursNetwork Temp Inc
New York, NY1 day ago- ...catch regressions - turning production data into better AI with every release. About the role We're looking for an Application Security Engineer who lives in the code. Braintrust is a real-time, high-availability data platform that runs in both SaaS and self-hosted...Flexible hours
Brain Trust Inc
New York, NY7 days ago - ...Application Security Engineer | Location: New York, NY or Charlotte, NC | Contract his Application Security Engineer contract role will embed security into the software development lifecycle to protect enterprise applications across web, mobile, and API ecosystems...Contract work
Delphi-US
New York, NY2 days ago $176.53k - $264.8k
...Are you passionate about securing global-scale ecommerce services and applications that power millions of customers across over a hundred countries around the... ...looking for a hands‑on Principal Application Security Engineer to lead our Secure Development Lifecycle assurance...Local areaRemote workiHerb Inc.
New York, NY4 days ago- ...Lead Application Security Engineer We are a specialized technology staffing agency supporting professional and financial services companies. Why do we stand out in technology staffing? We listen and act as advisors for our candidates on how they can best add value,...Work at office
Eleven Recruiting
New York, NY3 days ago $210k - $230k
...report into the Director, Information Security and build relationships with technology... ...payment systems to identify and remediate application vulnerabilities. This individual... ...increase our AppSec posture and enable our engineers to code safely. Innovate with AI...Full timeWork at officeFlexible hoursUpside Services
New York, NY2 days ago$140k - $200k
Role As a Senior Application Security Engineer on the Application Security team, you will be a trusted partner to engineering, product, and business teams across Gemini. You will help guide teams to design and build secure products while building systems and culture that...Work at officeRemote workFlexible hours- ...providing a wide range of investment banking, securities, investment management and wealth... ...Strategy by architecting, engineering, deploying and operating technical security... ...agile delivery and adoption of Cloud and application security control implementations by development...Work experience placement
$80 - $90 per hour
...Genesis10 is currently seeking a Fullstack application developer- Hybrid position with a... ...We are seeking a highly skilled engineer who can design and build enterprise applications endtoend while also embedding security into every layer of the SDLC. You will work...Hourly payPermanent employmentContract work3 days per weekGenesis10
New York, NY5 days ago
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Application Security Engineer. Be the first to apply!
Related searches
- application support engineer New York, NY
- senior application security engineer New York, NY
- application engineering manager New York, NY
- project application engineer New York, NY
- network applications engineer New York, NY
- technical application engineer New York, NY
- cnc applications engineer New York, NY
- hydraulic application engineer New York, NY
- application system engineer New York, NY
- application engineer New York, NY