Senior Field Application Engineer, Servers
ASUS
LinuxVMware
Application Security Engineer
From A to B
full-time
Posted on:
Location Type: Hybrid
Location: San Francisco • California • 🇺🇸 United States
Visit company websiteSalary
💰 $180,000 - $200,000 per year
Job Level
Mid-LevelSenior
Tech Stack
AWSAzureCloudDockerGoGoogle Cloud PlatformJavaJavaScriptJenkinsKubernetesMicroservicesPythonSDLCTypeScript
About the role
- Design and implement security tooling, automation, and processes to support secure development, deployment, and operations
- Perform threat modeling, design reviews, and security assessments (API, web, mobile, microservices)
- Conduct secure code reviews, dynamic and static application security testing, and penetration testing
- Work closely with engineering teams to remediate identified security issues, embed secure practices in SDLC, and strike the balance between speed and safety
- Investigate and respond to application-level security incidents or suspicious behavior
- Help define and enforce security standards, policies, and best practices across the engineering organization
- Maintain and improve application security infrastructure: e.g. vulnerability scanners, SAST/DAST tools, secrets management, dependency scanning, WAF configuration, RASP, etc.
- Stay abreast of new threats, vulnerabilities, and relevant industry practices; share knowledge (e.g. internal training, security guilds, writing blog posts)
Requirements
- 4+ years of experience securing web and/or API-based applications in a production setting
- Hands-on experience with static analysis (SAST), dynamic analysis (DAST), interactive application security testing (IAST) or similar tools
- Experience performing manual code reviews in languages like Java, Python, Go, JavaScript/TypeScript, or others used at Atob
- Understanding of common web / API vulnerabilities (OWASP Top 10, API abuses, SSRF, injection, XSS, deserialization, etc.)
- Familiarity with authentication & authorization mechanisms (OAuth2/OIDC, JWT, session management, RBAC, etc.)
- Experience integrating security into a CI/CD pipeline (GitHub Actions, GitLab CI, Jenkins, CircleCI, etc.)
- Working knowledge of cloud platforms (AWS, GCP, Azure) and container/orchestration (Docker, Kubernetes)
- Strong problem-solving skills, ability to operate in ambiguity and drive security outcomes in fast-moving teams
- Excellent communication skills — you’ll partner and negotiate with engineers, product, and leadership
Benefits
- Offers Equity
- Offers Bonus
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
static analysisdynamic analysisinteractive application security testingmanual code reviewsJavaPythonGoJavaScriptTypeScriptweb API vulnerabilities
Soft skills
problem-solvingcommunicationnegotiationability to operate in ambiguitydrive security outcomes
