Staff Application Security Engineer

Agility Robotics

Staff Application Security Engineer in a robotics company integrating security into software development lifecycle and minimizing application vulnerabilities.

Posted 6/4/2026full-timeRemote • California, Oregon, Pennsylvania • 🇺🇸 United StatesLead💰 $161,000 - $251,000 per yearWebsite

Tech Stack

Tools & technologies

AWSCloudDistributed SystemsGoGoogle Cloud PlatformKubernetesPythonSDLC

About the role

Key responsibilities & impact

Security Development Lifecycle (SDLC) Integration: Drive the implementation of security practices throughout the entire software development process, from design review through deployment.
Application Security Testing: Perform offensive penetration testing and defensive (Blue Team) testing on web applications, internal services, and robot-side software to identify and remediate vulnerabilities.
Automation and Tooling: Implement and manage security tools, including Static Application Security Testing (SAST) or Dynamic Application Security Testing (DAST) or runtime vulnerability assessments, and Software Bill of Materials (SBOM) systems. Implementation of these systems using tools such as JFrog Artifactory, GitHub Advanced Security, Datadog, Wiz or Snyk.
Code Review and Governance: Define and enforce security policies for source code, including mandatory GitHub security practices and review procedures.
Vulnerability Management: Manage the lifecycle of identified vulnerabilities, prioritizing remediation efforts based on risk to the fleet, proprietary code, and cloud infrastructure.
Collaboration: Partner with development, platform, and infrastructure teams to ensure security requirements are met without hindering engineering velocity.

Requirements

What you’ll need

8+ years of dedicated, hands-on experience in Application Security (AppSec) engineering or a related Staff-level security role.
Demonstrated expertise in Application Security engineering with programming skills.
Proven hands-on experience implementing security controls in CI/CD pipelines and source control systems (e.g., GitHub, GitLab).
Experience with penetration testing, vulnerability scanning and offensive and defensive security (Red Team/Blue Team) practices.
Proficiency in at least one modern programming language (e.g., Python, Go, C++).
Strong understanding of security best practices for cloud-native, microservice, and distributed systems architecture.
Experience with cloud security such as AWS or GCP.
Kubernetes experience integrating security controls into K8s environments.
Experience leading and mentoring security engineers.

Benefits

Comp & perks

401(k) Plan: Includes a 6% company match.
Equity: Company stock options.
Insurance Coverage: 100% company-paid medical, dental, vision, and short/long-term disability insurance for employees.
Benefit Start Date: Eligible for benefits on your first day of employment.
Well-Being Support: Employee Assistance Program (EAP).
Time Off:
Exempt Employees: Flexible, unlimited PTO and 12 company holidays, including a winter shutdown.
Non-Exempt Employees: 10 vacation days, paid sick leave, and 12 company holidays, including a winter shutdown, annually.
On-Site Perks: Catered lunches four times a week and a variety of healthy snacks and refreshments at our Salem and Pittsburgh locations.
Parental Leave: Generous paid parental leave programs.
Work Environment: A culture that supports flexible work arrangements.
Growth Opportunities: Professional development and tuition reimbursement programs.
Relocation Assistance: Provided for eligible roles.
Annual Discretionary Bonus: Provided for eligible roles.

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

Application Securitypenetration testingvulnerability scanningsecurity controlsCI/CD pipelinesprogramming (Python, Go, C++)cloud securityKubernetesStatic Application Security Testing (SAST)Dynamic Application Security Testing (DAST)

Soft Skills

collaborationmentoringleadership