Applied Methods
~The MetaSecurityApplication Security Engineer

Application Security Engineer

This role conducts comprehensive security reviews and threat modeling across AI-native platforms and data infrastructure, identifying vulnerabilities in applications that power enterprise AI agents, LLM systems, and knowledge graphs. What distinguishes Application Security Engineers from broader security roles is their focus on embedding security into the development lifecycle itself—through code reviews, secure design practices, and CI/CD integration—rather than conducting external assessments alone. These engineers typically sit within dedicated product or application security teams that partner closely with engineering organizations, translating security requirements into developer-friendly practices and tooling that enable teams to ship secure code at scale.

$ titles --canonical
Application Security EngineerStaff Product Security Engineer
Open Jobs31
Companies Hiring24
$02

Skills

What companies are looking for in this role.

$ skills --core

Performing secure code review and static code analysis to identify vulnerabilities

95%

Conducting threat modeling and security architecture reviews to identify design-level risks

95%

Managing vulnerability identification, triage, prioritization, and remediation workflows

90%

Designing and implementing secure software development lifecycle controls and processes

90%

Architecting and maintaining security automation tooling for CI/CD pipelines

85%

Establishing and implementing secure coding standards and best practices across engineering teams

85%

Supporting regulatory compliance frameworks and audit processes across multiple standards

80%

Evaluating and implementing software supply chain security measures including SBOM management

80%

Collaborating with infrastructure and DevOps teams to build secure cloud and containerized environments

80%

Responding to security incidents and providing technical analysis during breach response

75%

Writing and reproducing proof-of-concept exploits to validate security findings

70%

Managing bug bounty programs and coordinated vulnerability disclosure processes

65%
$ skills --emerging

Securing AI and machine learning systems including threat modeling for LLM architectures and training data pipelines

80%

Designing security controls for AI agents and novel AI system attack surfaces

70%

Implementing security controls for emerging AI-powered applications and infrastructure

70%

Securing model deployment and protecting trained models on hardware platforms

45%
$ skills --soft

Collaborating cross-functionally with product, engineering, and infrastructure teams to embed security early

90%

Mentoring and educating engineers on secure coding practices and security architecture

85%

Translating security requirements into actionable development tasks and mitigation strategies

85%

Communicating security findings and risks to both technical and executive stakeholders

80%

Thinking like an attacker while maintaining a builder mentality for secure solutions

75%

Building developer-friendly security tools and libraries to reduce friction in secure coding

75%

Operating with ownership mindset to drive security initiatives from conception to completion

70%

Prioritizing security risks based on exploitability and real-world impact rather than textbook rules

65%
$03

Technology

The tools and technologies that define this role.

$ tech --language
Pythonhigh
Gomoderate
C++low
Elixirlow
$ tech --platform
AWShigh
Kuberneteshigh
GCPmoderate
HackerOnemoderate
MongoDBlow
$ tech --tool
DASTvery high
SASTvery high
SCAhigh
Dockermoderate
IASTmoderate
$ tech --concept
CI/CDvery high
AI agentshigh
CVSShigh
Infrastructure-as-Codehigh
ISO 27001high
LLMhigh
PCI-DSShigh
SBOMhigh
SOC 2high
Fuzzingmoderate
HIPAAmoderate
ISO 27701moderate
NIST 800-171moderate
NIST 800-53moderate
OAuthmoderate
OIDCmoderate
OWASPmoderate
Penetration testingmoderate
Red teamingmoderate
Secrets managementmoderate
SLSAmoderate
FedRamplow
$04

Open Jobs

31 open Application Security Engineer jobs across 24 companies.

Block1w
Principal Security Engineer
Bay Area, CA, United States of America·Security
Vanta1w
Senior Security Engineer
Remote U.S.·Security
Figure AI1w
Security Engineer, Product and Device Security
San Jose, CA·Security
Figure AI2w
Security Engineer, Application Security
San Jose, CA·Security
Apollo4w
Senior Application Security Engineer
Remote, Canada; Remote, United States·Security
Nebius1mo
Application Security Engineer
Amsterdam, Netherlands; Berlin, Germany; Prague, Czech Republic; Remote - Europe; United Kingdom·Security
PhysicsX1mo
Senior Software Security Developer – Core Platform Services
London·Security
Replit1mo
Security Engineer - Vuln Management (Code)
Foster City, CA·Security
Lovable1mo
Application Security Engineer
Stockholm·Security
Granola2mo
Security Engineer
London·Security
Writer2mo
Security engineer, application security
New York City, NY·Security
Writer2mo
Security engineer, application security (UK)
London, UK·Security
Harvey2mo
Senior Product Security Engineer
San Francisco·Security
True Anomaly2mo
Senior Application Security Engineer
Denver, CO or Long Beach, CA or SF Bay Area, CA·Security
Replit2mo
Product Security Engineer (PSIRT - Product Security Incident Response Team)
Foster City, CA·Security
Glean3mo
Application Security Engineer
Bangalore, India·Security
Databricks3mo
Sr. Staff Product Security Engineer
United States·Security
xAI3mo
Application Security Engineer
Palo Alto, CA·Security
Anthropic3mo
Staff+ Application Security Engineer
Remote-Friendly (Travel-Required) | San Francisco, CA | Seattle, WA | New York City, NY·Security
Skild AI3mo
Embedded Security Engineer
San Mateo·Security