RegScale

Founded in 2021 and headquartered in Tysons, Virginia, RegScale specializes in automated governance, risk, and compliance (GRC) solutions. The company’s missi

Senior Application Security Engineer

Application Engineer | Full Time | Remote | Senior

Location: United States

Posted: 1 day ago

Salary: Not specified

Seniority: Senior

Bachelor Degree, 10 yrs exp, English, Cloud

Job Description

  • Own the application security program end to end, identifying risks, setting priorities, building strategy, aligning stakeholders, driving implementation across engineering teams, and measuring outcomes.
  • Conduct threat modeling and security design reviews early in the development process, embedding security thinking into architecture and feature design before code is written.
  • Partner with developers across all engineering teams to shift security left, coaching on secure coding practices, reviewing code for vulnerabilities, and building security awareness as a shared engineering capability rather than a specialized handoff.
  • Integrate security tooling and automated security checks into CI/CD pipelines including static analysis, dependency scanning, and secrets detection, ensuring actionable security signals.
  • Own vulnerability management across the platform, triaging findings from internal testing, external assessments, and tooling, prioritizing remediation based on risk, and driving resolution to completion.
  • Lead and coordinate penetration testing and security assessments, working with internal and external resources to scope, execute, and translate findings into engineering action.
  • Define and maintain secure development standards and patterns that engineering teams can adopt, covering areas such as authentication, authorization, API security, and data-handling.
  • Bridge engineering and the external security team, translating security requirements into engineering priorities and engineering constraints into security strategy, ensuring both sides operate with shared context and mutual accountability.
  • Support compliance and regulatory requirements including FedRAMP, NIST, and enterprise customer security obligations, working with the Compliance as Code team to ensure security controls are implemented and evidenced effectively.
  • Assess and address security risks introduced by AI features and integrations, including prompt injection, data exposure through AI interfaces, and third-party model risks, working closely with the Platform and AI team to ensure AI capabilities are built and deployed securely.
  • Build visibility into the security posture of the platform through metrics, dashboards, and reporting that inform engineering leadership and support customer and auditor conversations.

Job Requirements

  • 10 or more years of application security experience with a demonstrated track record of owning security programs and driving initiatives end to end across complex engineering organizations.
  • Deep expertise across the application security domain including threat modeling, secure design review, vulnerability assessment, penetration testing, and secure development practices.
  • Proven ability to operate as a solo practitioner or small team lead, setting priorities independently, managing competing demands, and delivering outcomes without close supervision.
  • Strong experience influencing engineering teams without direct authority, building credibility through technical depth, clear communication, and practical solutions that fit the realities of product delivery.
  • Experience integrating security into CI/CD pipelines and modern software delivery practices, with a shift left mindset that prioritizes prevention over detection.
  • Solid understanding of cloud security principles and how application security intersects with infrastructure security in a cloud native environment.
  • Strong written and verbal communication skills, able to articulate security risk, strategy, and tradeoffs clearly to engineering teams, leadership, and stakeholders including customers and auditors.

Benefits

  • RegScale is only able to hire US Citizens
  • Health insurance
  • 401(k) matching
  • Flexible work hours
  • Paid time off
  • Remote work options
