Job Closed
This listing is no longer active.
Webflow is the way to design, build, and launch powerful websites visually — without coding.
Senior Application Security Engineer
Location
California
Posted
91 days ago
Salary
$139K - $250K / year
Seniority
Senior
Job Description
Senior Application Security Engineer
Webflow
• Collaborate with the Webflow engineering team to secure Webflow’s web application platform and ecosystem. • Bring security best practices to the software development lifecycle. • Work as part of a team to champion security standards while balancing business strategies and requirements. • Support Webflow’s security current and future compliance frameworks • Work to find security vulnerabilities through grey-box techniques, and propose solutions at the architecture and code level to mitigate findings. • Contribute code and architecture improvements to enable security within Webflow’s application for engineers. • Cross-train entry level application security engineers
Job Requirements
- BA/BS degree or equivalent experience
- You bring 5+ years of application security experience, including hands-on software development, and have worked on securing high-complexity, large-scale applications.
- You have experience in secure software design, secure coding, and modern web application security, with ability to identify security design flaws and business-logic vulnerabilities, and to drive risk-based remediation with engineering teams.
- You have led threat modeling efforts, and/or conducted penetration testing, or manage third-party pentests, ensuring findings are clearly documented, communicated, and remediated to completion.
- You have managed one or more of application security programs or tooling initiatives such as SCA Supply Chain, SAST, DAST and /or led bug bounty programs
- You have contributed to security controls within large-scale solutions, including designing and/or delivering security features directly into applications (e.g., authorization models, security controls, or admin-level protections) in close collaboration with engineering and partner orgs.
- You have experience using and building automation that leverage agentic AI, including applying AI coding agents to scale security reviews, detection, and automation responsibly.
- You have participated in response efforts for application security incidents, from triage and containment through remediation and post-incident improvements
- Stay curious and open to growth — actively building fluency in emerging technologies like AI to unlock creativity, accelerate progress, and amplify impact.
Benefits
- Equity ownership (RSUs) in a growing, privately-owned company
- 100% employer-paid healthcare, vision, and dental insurance coverage for full-time employees (working 30+ hours per week) and their dependents. Full-time employees may also be eligible for voluntary insurance options where applicable in the respective country of employment
- 12 weeks of paid parental leave for both birthing and non-birthing caregivers, as well as an additional 6-8 weeks of pregnancy disability leave for birthing parents to be used before child bonding leave (note: where local requirements are more generous, employees receive the greater benefit); full-time employees also have access to family planning care and reimbursement
- Flexible PTO for all locations and sabbatical program
- Access to mental wellness and professional coaching, therapy, and Employee Assistance Program
- Monthly stipends to support work and wellness
- 401k plan or pension schemes (in countries where statutorily required), and other financial wellness benefits, like CPA and financial advisor coverage
Related Guides
Related Categories
Related Job Pages
More Application Engineer Jobs
Application Security Engineer
TTECFounded as TeleTech in 1982, TTEC is a leading business process outsourcing company. After experiencing rapid growth, including 300% growth in its global workfo
Application Security Engineer Be the spark that brightens days and ignite your career with TTEC’s award-winning employment experience. As an Application Security Engineer working remotely in Colombia, you’ll be a part of creating and delivering amazing customer experiences while you also #experienceTTEC, an award-winning employment experience and company culture. What You’ll be Doing Looking to use your expertise to protect and strengthen mission-critical systems and applications? In this role, you’ll lead efforts to secure new and existing applications by assessing risks, developing mitigation strategies, and embedding security best practices throughout the SDLC. You will: - Lead security assessments and code reviews across web, mobile, cloud, and on-prem applications. - Guide development teams on secure coding practices and implement effective security controls. - Evaluate threats, conduct risk assessments, and define mitigation strategies. - Maintain documentation on architecture, incident response, and security procedures. - Stay current on emerging threats and support incident response efforts when needed. You’ll report to the Executive Director of Information Security and contribute to safeguarding our clients and enterprise data. During a Typical Day, You’ll - Conduct vulnerability scans, penetration testing, and manage remediation processes. - Use tools like SAST, DAST, and IAST to continuously monitor application security. - Collaborate with DevOps to embed security in CI/CD pipelines. - Deliver security training to developers and internal teams. - Participate in cloud security reviews (AWS, Azure, GCP) and recommend improvements. - Provide guidance on automation opportunities using Python, Java, or C#. - Serve as a security advisor across global business units and support planning of key security initiatives. - Clearly communicate findings to both technical and non-technical stakeholders across cultures. What You Bring to the Role - Bachelor's degree in Computer Science, Information Security, or related field. - 3+ years of experience in application security (cloud and on-premise). - Experience with penetration testing, risk assessments, and vulnerability management. - Solid understanding of OWASP Top 10 and mitigation strategies. - Proficiency in scripting or programming (Python, Java, or C#). - Familiarity with security testing tools and cloud platforms (AWS, Azure, GCP). - Excellent communication skills with global and cross-functional collaboration experience. - Certifications such as CISSP, CSSLP, or CEH are a plus. What You Can Expect - Supportive of your career and professional development - An inclusive culture and community minded organization where giving back is encouraged - A global team of curious lifelong learners guided by our company values - Ask us about our paid time off (PTO) and wellness and healthcare benefits - And yes... a great compensation package and performance bonus opportunities, benefits you'd expect and maybe a few that would pleasantly surprise you (like tuition reimbursement) Visit https://mybenefits.ttec.com/ for more information. About TTEC Our business is about making customers happy. That's all we do. Since 1982, we've helped companies build engaged, pleased, profitable customer experiences powered by our combination of humanity and technology. On behalf of many of the world's leading iconic and hypergrowth brands, we talk, message, text, and video chat with millions of customers every day. These exceptional customer experiences start with you. TTEC is proud to be an equal opportunity employer where all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. TTEC embraces and is committed to building a diverse and inclusive workforce that respects and empowers the cultures and perspectives within our global teams. We aim to reflect the communities we serve, by not only delivering amazing service and technology, but also humanity. We make it a point to make sure all our employees feel valued, belonging, and comfortable being their authentic selves at work. As a global company, we know diversity is our strength because it enables us to view things from different vantage points and for you to bring value to the table in your own unique way. #LI- Remote
• Perform design and architecture review of new features, suggest security requirements • Collaborate with DevOps and engineering teams, advising on security features and best practices in SDLC • Utilize static security scanning tools, review findings and coordinate remediation actions • Perform ongoing manual security assessments • Review the results of external penetration tests and communicate suggested fixes to development teams • Provide on-demand support on application security topics • Drive process improvement ideas • Assist with vetting and intake of defects from 3rd party security researchers via our Bug Bounty program
Applications Engineer
KennametalBringing innovation and productivity to our customers through materials science, tooling and wear-resistant solutions.
• Provide technical service to target customers and Distributors: - Complex trouble shooting at customer site. - Tool testing for target accounts as required and complete testing report. - Technical training and instruction to customer. - Optimization for tooling application and process. • Provide timely customer feedback and market information to Managers and the team. • Work with Service Manager to complete change cutter of production line. • Support project/machine runoff (交机) as required.
Field Application Engineer – A&D
TTM TechnologiesA leading global provider of printed circuit boards that go into just about everything you can imagine.
• Provide DFM (Design for Manufacturing) and DFV (Design for Value) support to customer engineering and design teams for new designs and existing design improvement with a focus on reducing customers design cycle time • Collaborate with customer designers to improve quality and completeness of their design packages and help them by identifying design problems related to manufacturability and reliability test • Support drawing reviews prior to design release and help architect drawing notes to support the specific design and manufacturing needs • Update customer design and manufacturing groups on TTM capabilities and technology roadmap through formal presentations • Provide TTM manufacturing facilities insight into future customer needs, technology requirements and identify gaps in TTMs ability to support those future needs • Facilitate customer technical needs with TTM engineering and operations • Assist TTM site pre-production teams through the stack-up/DFM/TQ approval process and in getting “on-hold” issues addressed on the customer side expeditiously • Travel to TTM sites to support NPD/NPI manufacturing requirements for successful execution • Establish technical contacts between customer and TTM to drive improved lines of technical communications and increased depth of relationships • Assist the Sales Account Managers in increasing customer revenue by providing technical support and service




