Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Lumin Digital

Senior Application Security Engineer

Lumin Digital

Senior Application Security Engineer securing Lumin Digital’s B2B2C SaaS platform by leveraging AI-powered security tools. Focusing on secure code practices and leading security architecture reviews.

Posted 5/28/2026full-timeRemote • 🇺🇸 United StatesSenior💰 $155,000 - $175,000 per yearWebsite

Tech Stack

Tools & technologies
CloudCyber SecurityMicroservices

About the role

Key responsibilities & impact
  • Lead security architecture reviews for new and existing applications, ensuring secure-by-design principles are embedded from initial design through deployment and ongoing operation.
  • Develop, enforce, and continuously refine secure coding standards across engineering teams through a combination of automated security scans (SAST, DAST, SCA), AI-assisted code review using tools such as Claude Code, periodic manual code audits, and targeted secure development training.
  • Own the design, implementation, and evolution of Application Security Posture Management (ASPM) capabilities, integrating signals from static analysis, dynamic testing, software composition analysis, and runtime telemetry to build risk-scoring models that balance exploitability, data sensitivity, and business impact.
  • Continuously improve threat modeling frameworks across application components, third-party integrations, cloud-native architectures, and AI/LLM-powered features, leveraging tools such as Claude Security for accelerated threat model generation and scenario analysis.
  • Develop custom security automation tools and scripts to improve detection and response capabilities across cloud environments, including AI-assisted vulnerability auto-fix workflows and integration of AI-powered security tooling into CI/CD pipelines.
  • Own and operate the company’s bug bounty program end-to-end: define program strategy and scope, triage and validate external researcher submissions, assess severity, and maintain productive engagement with the security research community.
  • Manage vulnerability triage and prioritization processes, ensuring vulnerabilities are assessed based on exploitability, business impact, and compliance requirements, and that remediation timelines align with organizational risk tolerance.

Requirements

What you’ll need
  • Bachelor’s in Computer Science, Cybersecurity, Information Assurance, Software Engineering, or a related field, or an equivalent combination of education and experience.
  • Preferred certifications: CSSLP, OSCP, GWEB, or GWAPT.
  • Seven (7+) years of progressive experience in application security, software security engineering, or a closely related domain within production SaaS environments.
  • Extensive hands-on experience in secure software development, DevSecOps pipeline design, and security testing methodologies (SAST, DAST, SCA, penetration testing).
  • Demonstrated experience securing large-scale cloud-native applications, APIs, and microservices architectures.
  • Experience leading application security initiatives, defining program strategy, and mentoring engineering teams on secure development practices.
  • Demonstrated, regular hands-on use of AI-powered security and development tools (e.g., Claude Code, Claude Security, or comparable coding/security assistants) as part of daily security engineering workflows, not solely in an evaluative, advisory, or training capacity.
  • Experience assessing AI-specific attack surfaces in LLM-integrated applications, including prompt injection, context leakage, insecure tool use, and model denial-of-service.

Benefits

Comp & perks
  • medical, dental, and vision insurance
  • a 401(k) with company match
  • flexible PTO plus 12 paid holidays
  • paid sick leave
  • paid parental and family leave
  • a lifestyle spending account
  • tuition reimbursement
  • a cell phone stipend

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
secure coding standardsapplication security posture managementthreat modeling frameworksvulnerability triagesecure software developmentDevSecOps pipeline designsecurity testing methodologiespenetration testingcloud-native applicationsmicroservices architectures
Soft Skills
leadershipmentoringcommunicationstrategic planningcollaboration
Certifications
CSSLPOSCPGWEBGWAPT