Application Security Engineer (Remote - US)

This position is posted by Jobgether on behalf of a partner company. We are currently looking for an Application Security Engineer in the United States.

This role offers the opportunity to lead application security initiatives for a fast-growing, innovative health-tech platform. You will work closely with engineering and product teams to embed security practices throughout the software development lifecycle, proactively mitigating risks and protecting sensitive healthcare data. This is a hands-on role where you will build and maintain security tools, conduct threat modeling, and ensure compliance with regulatory standards. The position combines technical depth, automation expertise, and collaboration with multiple teams, enabling you to make a measurable impact on both security posture and business operations. It’s ideal for engineers passionate about application security, automation, and creating safe, scalable solutions.

Accountabilities:

• Design, implement, and maintain secure application solutions, integrating security into the full software development lifecycle (SDLC).
• Collaborate with engineering and product teams to conduct security reviews, threat modeling, and design evaluations for new features.
• Develop, contribute to, and maintain internal security tools, testing frameworks (SAST, DAST, SCA), and defensive libraries.
• Lead response to application-related security incidents, perform root cause analysis, and implement preventative controls.
• Integrate security capabilities into CI/CD pipelines and development workflows to automate vulnerability detection and remediation.
• Assess third-party libraries, components, and SaaS providers for security and compliance.
• Ensure adherence to regulatory and contractual requirements (e.g., HIPAA, HITECH) within the application layer.
• Develop metrics, reporting, and documentation to communicate the application security posture internally and externally.

Requirements

• 5+ years of experience in information security, focusing on application security and secure SDLC practices.
• Proven hands-on experience with security controls, automation, code review, vulnerability remediation, and security testing.
• Strong background in application security architecture, threat modeling, and risk management for web applications and APIs.
• Experience implementing security in regulated environments, preferably healthcare or finance.
• Degree in Computer Science, Cybersecurity, or a related field.
• Proficiency with serverless/cloud technologies (Lambda, Cloud Run), containerization (Docker, Kubernetes), and DevSecOps practices.
• Programming experience in Ruby, Python, Rust, Go, or similar languages.
• Knowledge of CI/CD pipelines, Terraform, and automation of security processes.
• Excellent analytical, problem-solving, and communication skills, with the ability to convey technical risks to non-security stakeholders.
• Hands-on security certifications (SANS, OSCP, CSSLP) are a plus.

Benefits

• Competitive base salary ($115,000–$145,000 USD) plus potential annual bonus.
• Comprehensive medical, dental, vision, life, and disability insurance.
• 401(k) plan with company match.
• Flexible Time Off (FTO), wellbeing days, paid holidays, and summer Fridays.
• Paid parental leave and backup care options.
• Tuition reimbursement and professional development opportunities.
• Employee Resource Groups (ERGs) supporting diversity and inclusion initiatives.
• Remote work flexibility within the United States.

Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching. When you apply, your profile goes through our AI-powered screening process designed to identify top talent efficiently and fairly.

🔍 Our AI evaluates your CV and LinkedIn profile thoroughly, analyzing your skills, experience, and achievements.
📊 It compares your profile to the job’s core requirements and past success factors to determine your match score.
🎯 Based on this analysis, we automatically shortlist the 3 candidates with the highest match to the role.
🧠 When necessary, our human team may perform an additional manual review to ensure no strong profile is missed.

The process is transparent, skills-based, and free of bias — focusing solely on your fit for the role. Once the shortlist is completed, we share it directly with the company that owns the job opening. The final decision and next steps (such as interviews or additional assessments) are then made by their internal hiring team.

Thank you for your interest!

#LI-CL1