Application Security Engineer
Opal Services
Opal Security Application Security Engineer
At Opal, we're building modern identity governance for the AI era—intelligent access management that empowers enterprises to move fast while staying secure. Our mission is to bring clarity, control, and confidence to complex enterprise environments, helping teams govern access without slowing down innovation.
We're hiring an Application Security Engineer to own security across Opal's product and platform—and yes, own means what it sounds like. You'd be our dedicated security engineer, embedded directly with engineering, writing production code in Go and TypeScript, and building security into the product while it's still being designed. You'll work closely with a team of engineers that genuinely care about getting this right, and a product that happens to be one of the most security-critical tools in enterprise software.
This role lives on the Platform team and partners closely with Infrastructure Engineering on cloud security. It is explicitly scoped to application and product security—enterprise IT, compliance, and vendor risk management are handled separately.
What You'll Do:
- Own the secure SDLC end-to-end: threat modeling, design reviews, code reviews—you set the bar
- Run and coordinate app pentests (internal and external) and drive findings to closure
- Build and own SAST/DAST/SCA tooling wired into CI/CD so security ships with the code
- Triage and remediate vulnerabilities from every angle—bug bounty, internal scans, the works
- Build and maintain the security-critical stuff: encryption services, authz enforcement, authn flows
- Own the Auth0 ↔ Opal integration—tokens, sessions, MFA, SSO (SAML, OIDC, OAuth 2.0)
- Ship production Go and TypeScript to harden APIs, enforce least-privilege, and close vuln classes for good
- Create shared libraries that make the secure path the easy path for every product engineer
- Be first on the scene for security incidents: investigate, contain, find the root cause, fix it
- Partner with Infra on cloud hardening—AWS IAM, EKS, KMS, network segmentation
- Level up detection and response by writing detection rules and improving logging and alerting
- Mentor engineers on secure coding, common vuln patterns, and security architecture—you make the org smarter
- Help set the security roadmap by grounding it in real product risk
- Be the security teammate engineers want to work with—a collaborator, not a bottleneck
You Might Be a Fit If You:
- Have 4+ years in application security or software security engineering
- Actually write production code—findings reports are the floor, not the ceiling
- Know auth cold: OAuth 2.0, OIDC, SAML, session management, token lifecycle
- Are comfortable in AWS and containerized environments (Kubernetes, Docker)
- Bonus points for familiarity with our stack: Go, TypeScript, React, PostgreSQL, Redis, GraphQL
- Have led complex, cross-functional security initiatives from kickoff to completion
- Have run or participated in external pentests and seen findings through remediation
- Thrive on ownership and ambiguity—you'd rather write the playbook than wait for one
Vacancy posted 1 day ago
Similar jobs that could be interesting for youBased on the Application Security Engineer in United States vacancy
$272k - $320k
...empower, and be owned by everyone. About the Security team: Well beyond “regular company security”... ...and software security. The team of 15+ engineers helps guide, blockchain, device, cloud, mobile and application security across all of our technologies. For example...SuggestedFlexible hoursKubelt
San Francisco, CA1 day ago$160k - $220k
...driving incredible value for our customers. Join us! The Security team at Zip is responsible for protecting the confidentiality and integrity of our customers’ data. As our first Application Security Engineer, you will take on a dynamic and high impact role. You will...SuggestedHome officeFlexible hoursZip
San Francisco, CA1 day ago- A leading procurement technology firm in San Francisco is seeking its first Application Security Engineer to build security guardrails and enhance product security across their platforms. The successful candidate will lead security initiatives, collaborate on product launches...Suggested
ZipHQ, Inc.
San Francisco, CA1 day ago $150k - $190k
...As a Sr. Application Security Engineer at vCluster Labs, you are the architect of trust in our diverse ecosystem. In this role, you will be responsible for the end-to-end security of our product, ensuring that vCluster remains the de facto standard for secure Kubernetes...SuggestedRemote workFlexible hoursShift workvCluster
Austin, TX3 days ago$40 per hour
...train AI models. In this role, you will evaluate AI-generated security content, solve technical cybersecurity problems, and provide feedback... ...testing, red teaming, incident response, detection engineering, DFIR, malware analysis, threat intelligence, or similar)Some...SuggestedHourly payFull timePart timeRemote workDataAnnotation
Washington DC3 days ago- ...Application Security Engineer Location: Remote Purpose: The application security engineer shall have extensive experience in the involvement and understanding of cloud security controls (security-as-code) and target cloud infrastructure Google Cloud Platform (GCP...Remote work
Software Technology Inc
United States4 days ago $220k - $350k
...Senior Application Security Engineer [Remote-US] remote To help keep everyone safe, we encourage all applicants to pay close attention to protect themselves during their job search. When applying for a position online you are at risk of being targeted by malicious actors...Extra incomeLocal areaRemote workWork from homeHome officeQuanata
New York, NY1 day ago$128k - $181.25k
...capture moments that reflect who they uniquely are. This is an exciting time for Shutterfly and we are looking for a Senior Application Security Engineer to join our team! In this position you will be an integral part of a developing and expanding Application Security...Remote workShutterfly
New York, NY1 day ago- ...APPLY! At Scroll, we operate on the bleeding edge of a fast-moving frontier of zk technology, research and innovation. The Application Security Engineer will be responsible for improving the zkEVM-based zkRollup security, ensuring that Scroll is one of the safest Layer 2’s...Work at officeRemote workHome officeFlexible hours
Blockchain Works
New York, NY1 day ago - ...Application Security Engineer One of our large financial clients is looking for an experienced Application Security Engineer to join their team. If the below requirements fit your skillset, feel free to apply. Duration: Long Term/Multi Year Contract Location:...Long term contractRemote work
Software Technology Inc
United States40 minutes ago - ...A leading cybersecurity firm is looking for an Application Security Engineer in Herndon, VA. This role emphasizes static and dynamic application security testing and involves integrating security into the software development lifecycle. Candidates should have at least...Remote work
ShorePoint Inc
Herndon, VA3 days ago - ...GuidePoint Security provides trusted cybersecurity expertise, solutions and services that... ...retesting Implement and maintain application security tools and scanning solutions Create... ...but also the Application Security Engineering practice Bachelor's degree in Computer...Remote workFlexible hours
GuidePoint Security
New York, NY1 day ago - **We believe talent deserves a human touch. Your application will be read by an actual person who’s excited to discover the real you.****Application Security Engineer**Location: Remote (United States) | Employment Type: Full-Time**About the Role**We are looking for an Application...Full timeRemote work
New Charter Technologies, Llc
New York, NY1 day ago $75 - $110 per hour
...Contract consulting opportunity for an experienced Application Security Engineer Client requirements: Local to Minneapolis, MN area preferred (onsite 1-2 days) Work authorization status: US Citizen or GC holder W2 hourly only - no corp to corp Contract...Hourly payContract workLocal areaITR Group
Minneapolis, MN2 days ago- ...Application Security Engineer Application Security Engineer with DAST & SAST experience with scripting knowledge (JS, Python) Conducting Static Application Security Testing (SAST) using industry-leading tools such as Checkmarx, Veracode, and Fortify. Collaborating...
Syntricate Technologies
Dallas, TX2 days ago $100k - $155k
...Overview As an Application Security Engineer , you will provide technical expertise and solutions to remediate persistent and challenging portfolio-wide vulnerabilities. We're looking for someone who has passion for IT, resourceful problem-solving abilities, and a...Steampunk.com
McLean, VA4 days ago$82 - $88 per hour
...A client of Innova Solutions is immediately hiring for an Application Security Engineer. Position type: Contract (12 months) Location: Charlotte, NC Hybrid: (3 days onsite/ 2 day remote) As an Application Security Engineer, what you'll Do : Champion...Hourly payContract workTemporary workWork experience placementImmediate startRemote workWorldwideFlexible hoursInnova Solutions
Charlotte, NC1 day ago$151k - $226.25k
...Title: Senior Application Security Engineer Location: San Jose, CA / Morristown, NJ (hybrid) Reports To: Sr. Manager, Cybersecurity About Hippo Hippo was built on a promise: make homeownership effortless. Nearly a decade later, that mission still drives...Temporary workFlexible hoursHippo Insurance
Morristown, NJ1 day ago$102.94k - $171.57k
...for capturing and refining information security requirements and ensures their integration... ...in the areas of secure coding, application authentication, encryption, and quickly... ...Responsibilities: Develop and implement engineering's technical security policies and procedures...Work experience placementWorldwideM&T Bank
Wilmington, DE3 days ago- ...Senior Application Security Engineer This role has been designed as ‘Hybrid’ with an expectation that you will work on average 2 days per week from an HPE office. Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people...Work experience placementWork at office2 days per week
HPE
Durham, NC1 day ago $110k
...Job Seekers can review the Job Applicant Privacy Policy by clicking here ( . Job Description : SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates...Full timeRyder
Sacramento, CA3 days ago- ...Senior Application Security Engineer Location: Middletown, NJ (F2F Required, Onsite from Day Telecom Experience) Long Term Overview: We are looking for a Senior Application Security Engineer to join our growing team and play a hands-on role in strengthening security...
Yantran LLC
Middletown, NJ6 days ago - ...Application Security Engineer Location: Hybrid in Irving, TX OR Wilmington, DE OR Des Moines, Iowa (Must be local to these locations.. no relocation) Duration: 12+ months Client is ready to hire within this week.. THE RESOURCE DOING THIS JOB UNEXPECTEDLY MOVED (NOT...Local areaRelocation2 days per week
InterSources
Irving, TX5 days ago - ...Application Security Engineer Comtech is a woman-owned small business founded in 1998 and headquartered in Reston, VA. We offer IT solutions across the disciplines of program/project management, applications development, infrastructure, Cyber security, and enterprise...
Comtech LLC
Washington DC5 days ago - ...Application Security Engineer Phoenix, AZ (Hybrid role) try to get nearby candidates 24+ months contract 2 + years of experience communicating system vulnerabilities and remediation guidance to both technical and non-technical personnel. • 2 + year of...Contract work
Concord IT Systems
Phoenix, AZ3 days ago $62k - $141k
...Job Number: R0231845 Location: Washington,DC,US Share job via: Share Application Security Engineer The Opportunity: Work together with the client and application community to maintain a resilient security posture...Full timeContract workPart timeWork at officeLocal areaRemote workBooz Allen Hamilton
Washington DC3 days ago- ...Senior Application Security Engineer Denver, CO or Long Beach, CA True Anomaly seeks those with the talent and ambition to build the technology that secures space. True Anomaly delivers decisive capabilities for space superiority. We build autonomous spacecraft...Permanent employmentShift work
True Anomaly
Long Beach, CA4 days ago - ...The details are below. Beware of scams. S3 never asks for money during its onboarding process. Job Title: Senior Application Security Engineer (AI/ML) Contract Length: 6+ months Location: Iselin NJ 08830/ Charlotte, NC/ Dallas, TX/ Phoenix, AZ 3 days onsite...Contract workRemote workVisa sponsorshipShift work3 days per week
Leading Utilities Organization
Phoenix, AZ5 hours ago $60 - $65 per hour
...Application Security Engineer Location: Phoenix, AZ 85054 (Atlanta GA, or NY, NY) (Onsite/Hybrid) Pay Rate: $60.00 - $65.00 per hour (Strict W2 Only) Duration: Through 12/31/2026 + Long-term Extension Compliance: No C2C, Third Parties, or W2 Referrals Role...Hourly payWeekly payTemporary workFlexible hoursManpower Group Inc.
Phoenix, AZ4 days ago- ...Job Title: Application Security Engineer (DevSecOps) Location: Onsite 5x/Week in Plano, TX Type: Direct Hire Top 3-5 Must Have Skills for the Position: Practical experience with AI-assisted coding and agentic code (e.g., using GitHub Copilot, Claude...Extra income
RED SKY Consulting
Plano, TX1 day ago
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Application Security Engineer. Be the first to apply!
Related searches
- senior application security engineer United States
- application engineer United States
- junior application support engineer United States
- application system engineer United States
- network applications engineer United States
- cnc applications engineer United States
- project application engineer United States
- field applications engineer United States
- hydraulic application engineer United States
- application support engineer United States