SimplePractice
The #1 practice management solution for private practitioners. Find inspiration from essential resources and news.
Application Security Engineer
Application EngineerApplication EngineerFull TimeRemoteTeam 201-500Since 2012H1B No SponsorCompany SiteLinkedIn
Location
United States
Posted
116 days ago
Salary
$115K - $145K / year
Bachelor Degree5 yrs expEnglishCloudCyber SecurityDockerKubernetesMicroservicesPythonRubyRustSDLCTerraform
Job Description
• Design, build, and implement secure solutions and automation to embed security testing and controls within the SDLC, serving as a hands-on expert in secure development practices.
• Partner with engineering teams to move from reactive security fixes to proactive, embedded security in their development workflows.
• Collaborate with product and engineering teams to perform security reviews, threat modeling, and design reviews for new features and architectural changes.
• Actively develop and contribute code to internal security tools, security testing frameworks (e.g., SAST, DAST, SCA), and defensive libraries to proactively identify and address vulnerabilities.
• Lead incident response for application-related security events, focusing on root cause analysis and implementing preventative controls.
• Integrate security capabilities directly into CI/CD pipelines and engineering workflows to automate vulnerability detection and remediation.
• Design and implement security architecture for web applications, APIs, and microservices, ensuring security by design.
• Develop secure coding standards, security patterns, and reusable components for application development and deployment.
• Conduct threat modeling across the application portfolio to identify and prioritize risks.
• Establish and maintain security controls for development, staging, and production environments.
• Translate application security strategies into actionable development plans and prototypes.
• Evaluate third-party components, libraries, and SaaS providers for security, compliance, and data protection.
• Assess emerging application security tools and technologies.
• Review cloud-based services and configurations for compliance and security posture.
• Partner with legal and compliance teams to ensure application security initiatives meet regulatory (e.g., HIPAA, HITECH) and contractual requirements.
• Implement and monitor controls for data privacy, integrity, and access management within the application layer.
• Develop metrics and reporting for the application security posture across engineering teams.
• Liaison with customers and auditors on SimplePractice’s approach to application security and compliance.
• Leverage automation to operationalize security and compliance workflows, continuously monitoring and improving our security posture.
Job Requirements
- 5+ years of experience in information security, with recent focus on application security, secure SDLC, and partnership with engineering.
- Proven hands-on experience in designing, developing, and deploying security controls and automation, including expertise in code review, vulnerability remediation, and security testing.
- Strong background in security architecture and threat modeling for modern web applications and APIs.
- Strong bias towards automating security tasks and processes to scale the program.
- Demonstrated experience in implementing security controls within a regulated environment (e.g., healthcare, finance), with a strong emphasis on practical application and automation.
- Degree in Computer Science, Cybersecurity, or a related field.
- Demonstrated experience with serverless cloud technologies (e.g., Lambda, Cloud Run) and/or containerization and orchestration (e.g., Docker, Kubernetes).
- Strong software development background with proficiency in ruby, python, rust, go, or similar languages, including experience with DevSecOps practices and tools such as Terraform, Git, and CI/CD pipelines.
- Understanding of healthcare compliance (HIPAA, HITECH) is highly desirable.
- Excellent analytical, problem-solving, and communication skills, especially the ability to explain security risks to engineering partners.
- Ability to work independently to learn new technologies, processes, and frameworks.
Benefits
- Medical, dental, vision, life & disability insurance
- 401(k) plan with company match
- Flexible Time Off (FTO), wellbeing days, paid holidays, and summer Fridays
- Mental health resources
- Paid parental leave & Backup Care
- Tuition reimbursement
- Employee Resource Groups (ERGs)
Related Guides
Related Categories
Related Job Pages
More Application Engineer Jobs
Application Support Engineer
HomeVisionComprehensive collateral underwriting, powered by machine intelligence
Application Engineer117 days ago
Full TimeRemoteTeam 11-50Since 2020H1B No Sponsor
Support Engineer managing customer inquiries in the US housing market.
Application Engineer119 days ago
Full TimeRemoteTeam 201-500H1B No Sponsor
ELEVATE your programming skills: Go from making parts to shaping careers.Forget the slow lane—Phillips Commercial is offering you the immediate launchpad you need to become an industry authority. We're looking for a motivated technical expert who i...
Pennsylvania
Senior Application Security Engineer
Abnormal SecurityAbnormally-Precise, Cloud-Native Email Security
Application Engineer120 days ago
Full TimeRemoteTeam 501-1,000H1B Sponsor
Senior Application Security Engineer building secure AI-powered cybersecurity applications.
CloudJavaJavaScriptLinuxMicroservicesPythonTypeScriptGo
Application Engineer120 days ago
Full TimeRemoteTeam 51-200Since 2009H1B No Sponsor
Staff Frontend Web Engineer at TeamSnap building scalable applications
ReactReduxTypeScriptWebpack
Alabama + 12 moreAll locations: Alabama, Alaska, District of Columbia, Hawaii, Iowa, Louisiana, Nebraska, New Mexico, Mississippi, Rhode Island, South Dakota, Virginia, West Virginia
$200K / year
