Staff Application Security Engineer

Abridge

Staff Application Security Engineer developing secure software for AI-powered healthcare solutions. Leading security initiatives and mentoring teams in a collaborative environment.

Posted 6/10/2026full-timeSan Francisco • California • 🇺🇸 United StatesLead💰 $228,000 - $290,000 per yearWebsite

Tech Stack

Tools & technologies

CloudGoogle Cloud PlatformKubernetesNext.jsPython

About the role

Key responsibilities & impact

Secure Development & Architecture Leadership
Lead Threat Modeling and Design Reviews: Conduct advanced threat modeling and security architecture reviews for complex systems, new products, and platform initiatives.
Define Security Strategy: Define and implement the technical roadmap for the Application Security program.
Mentor and Enable: Act as a subject matter expert and trusted advisor to product and engineering teams.
Conduct Training & Awareness: Develop training materials for engineers to build a foundation of security best practices.
Vulnerability Management & Incident Response
Code and Security Reviews: Perform and lead in-depth secure code reviews to identify security vulnerabilities.
Internal Penetration Testing: Lead internal penetration testing engagements for new products.
Vulnerability Program Oversight: Design and enhance the end-to-end vulnerability management program.
Security Incident Response: Serve as an expert on Abridge’s products for security incident response team.

Requirements

What you’ll need

Experience: 10+ years of direct experience in an Application Security role, with a demonstrated history of designing and implementing security improvements at scale.
Programming Fluency: Deep proficiency in one or more major programming languages (Python and NextJS a big plus) and a solid background in software development principles.
Cloud & Containers: Extensive experience securing applications deployed in Cloud environments (GCP a big plus) and knowledge of containerization technologies (Kubernetes).
Technical Depth: Expert-level knowledge of web application security techniques and principles, APIs, IAM (including identity, authentication/authorization, RBAC, ABAC), applied cryptography, etc.
AI Security: Deep understanding of the security of AI and ML models, agents, and associated systems.

Benefits

Comp & perks

Generous Time Off: 14 paid holidays, flexible PTO for salaried employees, and accrued time off for hourly employees
Comprehensive Health Plans: Medical, Dental, and Vision coverage for all full-time employees and their families.
Generous HSA Contribution: If you choose a High Deductible Health Plan, Abridge makes monthly contributions to your HSA.
Paid Parental Leave: Generous paid parental leave for all full-time employees.
Family Forming Benefits: Resources and financial support to help you build your family.
401(k) Matching: Contribution matching to help invest in your future.
Personal Device Allowance: Tax free funds for personal device usage.
Pre-tax Benefits: Access to Flexible Spending Accounts (FSA) and Commuter Benefits.
Lifestyle Wallet: Monthly contributions for fitness, professional development, coworking, and more.
Mental Health Support: Dedicated access to therapy and coaching to help you reach your goals.
Sabbatical Leave: Paid Sabbatical Leave after 5 years of employment.
Compensation and Equity: Competitive compensation and equity grants for full time employees.
... and much more!

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Application SecurityThreat ModelingSecurity ArchitectureVulnerability ManagementIncident ResponseSecure Code ReviewsInternal Penetration TestingWeb Application SecurityProgramming (Python, NextJS)Cloud Security (GCP, Kubernetes)

Soft Skills

LeadershipMentoringTraining DevelopmentCommunicationAdvisory