Information Security / Application Security Engineer

Mechanical Orchard

full-time

Posted on: 10/20/2025

Location Type: Remote

Location: Remote • 🇺🇸 United States

✨ AI Apply

Mid-LevelSenior

CloudGoGoogle Cloud PlatformJavaPythonSDLC

About the role

Partner with software teams to embed security into the SDLC (design reviews, threat modeling, dependency management)
Review architecture, code, and CI/CD configurations for security concerns
Assist developers in implementing secure authentication, authorization, and secrets management practices
Build or integrate tooling to automate static analysis, dependency scanning, and container security checks
Design and roll out software development security controls (e.g., centralized secrets management, secure build pipelines)
Automate security evidence collection and reporting for compliance frameworks
Collaborate with development teams to mitigate findings from CSPM tooling

3+ years of professional software engineering experience (Python, Go, Java, or similar).
Familiarity with modern DevOps and cloud environments (especially GCP).
Solid understanding of application security fundamentals — authentication, encryption, secrets management, input validation, and secure APIs.
Experience with CI/CD systems (GitHub Actions, GitLab CI, etc.) and integrating security tooling.
Ability to work collaboratively with engineers — balancing pragmatism and security.

Benefits

Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind
Committed to providing a work environment free of discrimination and harassment
Will provide reasonable accommodation to employees who have protected disabilities consistent with local law

Tip: use these terms in your resume and cover letter to boost ATS matches.

PythonGoJavaapplication securityauthenticationencryptionsecrets managementinput validationsecure APIsCI/CD

collaborationpragmatism