Job Closed
This listing is no longer active.
hims & hers offers a modern approach to health and wellness.
Senior Application Security Engineer
Location
United States
Posted
142 days ago
Salary
$145K - $175K / year
Seniority
Senior
Job Description
- Conduct security assessments using SAST, DAST, and SCA tools to identify vulnerabilities in applications
- Perform code reviews and provide secure coding guidance to development teams
- Implement and maintain GitHub Advanced Security, including secret scanning and code scanning
- Assess and improve security of Infrastructure as Code (IaC) deployments using Terraform
- Evaluate container security in our Docker and Kubernetes environments
- Support CI/CD security integration and automation
- Conduct penetration testing and red team/purple team exercises on applications
- Review and secure API implementations, with focus on GraphQL security
- Evaluate AI/ML model security and implement protections against prompt injection and other AI-specific threats
- Collaborate with the Staff AppSec Engineer on CIAM and advanced AI security initiatives
- Maintain security documentation and contribute to security awareness training
Job Requirements
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field
- 5-8 years of experience in application security or related security field
- Hands-on coding experience and ability to review code in multiple languages
- Professional experience with SAST tools (e.g., SonarQube, Checkmarx, Fortify)
- Professional experience with DAST tools (e.g., Burp Suite, OWASP ZAP)
- Professional experience with SCA tools (e.g., Snyk, Black Duck, WhiteSource)
- Experience with GitHub Advanced Security features
- Container security scanning and IaC security scanning tools experience
- Strong understanding of OWASP Top 10 and secure coding practices
- Experience with penetration testing methodologies
- Knowledge of security frameworks: NIST CSF, NIST 800-53, SOC 2, PCI DSS
- Excellent communication skills to articulate security findings to technical and non-technical stakeholders.
Benefits
- Competitive salary & equity compensation for full-time roles
- Unlimited PTO, company holidays, and quarterly mental health days
- Comprehensive health benefits including medical, dental & vision, and parental leave
- Employee Stock Purchase Program (ESPP)
- 401k benefits with employer matching contribution
- Offsite team retreats
More Application Engineer Jobs
Staff Application Security Engineer
Webflow
Webflow is the way to design, build, and launch powerful websites visually — without coding.
- Collaborate with the Webflow engineering team to secure Webflow’s web application platform and ecosystem.
- Bring security best practices to the software development lifecycle.
- Champion security standards while balancing business strategies and requirements.
- Support Webflow’s security compliance frameworks.
- Find security vulnerabilities through grey-box techniques.
- Propose solutions at the architecture and code level.
- Contribute code and architecture improvements to enable security within Webflow’s application.
- Cross-train entry and mid-level application security engineers.
Staff Application Security Engineer
Thumbtack
We help people care for their home from top to bottom — and empower small businesses nationwide to grow.
- Own the long-term technical direction for application security across Thumbtack
- Lead large, cross-functional security initiatives from problem definition through delivery
- Design secure architectures and implement shared security tooling
- Partner with teams to prioritize security investments based on risk and impact
- Mentor engineers and drive organization-wide improvements in application security
Senior VoIP Application Engineer
Nextiva
Nextiva describes itself as the fastest-growing privately-held provider of cloud communications, offering tools to help businesses stay in touch with their cust
- Develop and maintain high-quality VOIP applications that meet customer needs, focusing on reliability, performance, and scalability.
- Integrate VOIP solutions with third-party systems, ensuring seamless communication between internal and external platforms.
- Provide support for complex VOIP issues, including system failures, call quality problems, and application errors. Work to quickly diagnose and resolve issues.
- Work closely with cross-functional teams, including engineering, product management, and operations, to ensure seamless deployment and operation of VOIP applications.
- Test new VOIP features, products, and services, ensuring they meet quality standards before deployment.
- Create and maintain technical documentation for VOIP applications, including system architecture, troubleshooting guides, and integration processes.
- Continuously monitor and optimize VOIP applications to improve performance, scalability, and user experience.
- Ensure VOIP applications meet security standards and compliance requirements.
- Assist internal and external teams with troubleshooting, providing solutions, and offering expert guidance on VOIP-related issues.
- Stay current with emerging VOIP technologies and trends, contributing to the development of new features and improvements to existing applications.
- Develop and prepare technical solutions and quotation proposals for new equipment
- Respond to customer inquiries for new equipment
- Define the Elliott scope of supply
- Complete requisition forms for major purchased auxiliaries
- Review customer and industry standard specifications
- Create proposals including data sheets, scope, performance curves, pricing, and delivery
- Participate in bid clarification meetings with Sales/customer
- Work with Sales/Management to adjust scope/delivery/price as needed
- Transfer data to Project Engineering / Project Management after an order is received
- Develop standards, repeatable procedures and calculations



