Secure your enterprise with the autonomous cybersecurity platform. Endpoint. Cloud. Identity. XDR. Now.
Sr. Staff Back-End AppSec Lead
Location
United States
Posted
31 days ago
Salary
$184K - $235K / year
Seniority
Lead
Job Description
SentinelOne
Role Description
As a Sr. Staff Back-End AppSec Lead, you will be tasked with:
- Acting as a trusted advisor to customers by reviewing and validating AI-generated findings on Java and .NET back-end systems during high-stakes security engagements.
- Working directly with SentinelOne’s agentic code scanning pipeline to analyze vulnerabilities, apply expert human judgment, and communicate actionable results to both technical teams and executive stakeholders.
- Helping build and scale the Wayfinder Frontier AI Services practice by refining methodologies, improving AI-assisted exposure management workflows, and collaborating with elite offensive and defensive security experts.

What Will You Do?
Primary responsibilities include:
- Lead Wayfinder Frontier AI Services customer engagements end-to-end: scope the work, deliver the technical findings, and present results to executive and technical stakeholders.
- Review and triage findings from our agentic code scanning pipeline against customer Java and .NET codebases. Validate true positives, eliminate noise, and ensure every finding that reaches the customer is a decision they can act on.
- Conduct deep code review across Java and .NET code and common frameworks.
- Present findings to stakeholders, translate technical risk into business impact, and map exposures into end-to-end exploitation chains.
- Author and maintain SAST rule packs that scale across the customer base, and partner with our AI/ML engineers to improve our agentic scanning engine.
- Provide expert remediation guidance to customer development teams and validate fixes through follow-up review.
- Work closely with our engineering teams to enhance our agentic code scanning pipeline and reduce false positives.
- Mentor Senior-level AppSec engineers and dev-skilled threat hunters; raise the technical bar of the practice and shape the service line's methodology, engagement playbooks, and scoping templates.
Qualifications
- 7+ years in application security or product security with a strong software development background.
- Proven track record translating complex findings into technical and executive-level debriefs. Excellent written and verbal communication is essential.
- Experience delivering customer-facing or consulting-style engagements end-to-end; comfortable in a distributed remote organization.
- Expert-level Java / Spring: you've identified and explained vulnerabilities at the framework level, not just the application level.
- Expert-level knowledge of .NET Framework and ASP.NET Core, their vulnerabilities, and secure coding methodologies.
- Mastery of OWASP Top 10, CWE Top 25, and modern authentication infrastructure (SAML, OAuth, OIDC, JWT internals).
- Hands-on experience authoring custom static-analysis rules and queries for modern SAST engines; familiarity with AI-assisted code review workflows and validating findings produced by automated and agentic analysis pipelines.
- Strong threat modeling experience throughout the secure SDLC.
- Fluency with Git-based source control and CI/CD pipelines, including build-pipeline security controls, runner hardening, and release-gate enforcement.
- Experience with AI-accelerated development / code scanning methodologies.
Benefits
- Equity & Rewards: Restricted Stock Units (RSUs), Employee Stock Purchase Plan (ESPP)
- Time Off & Wellbeing: Flexible time off, Paid company holidays and paid sick time, Gender-neutral parental leave, Grandparent leave
- Insurance & Financial Security: Medical, dental, and vision coverage, 401(k) retirement plan with company match, Life and disability insurance, Health and dependent care FSA, Voluntary benefits (hospital, accident, critical illness), Employee Assistance Program (EAP), ARAG pre-paid legal, Nationwide pet insurance, Cancer Care program, Global business travel medical insurance
- Work Perks & Flexibility: Home office allowance, Mobile phone reimbursement
- Wellness & Lifestyle: Wellness coach, Wellness/gym reimbursement, Fertility coverage, Adoption & surrogacy reimbursement

Base Salary Range
$184,000 - $235,000 USD



