Turnkey

Senior Security Engineer – Application Security

Turnkey

full-time

Posted on:

Location Type: Remote

Location: United States

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

AWSCloudDockerGoGoogle Cloud PlatformJavaScriptKubernetesRustSDLCTypeScript

About the role

  • You will partner with Product and Engineering at both the design and development stage to ensure that we implement new features securely, including (but not limited to):
  • - Participating in the implementation efforts
  • - Doing security reviews
  • - Helping with product design decisions
  • - Auditing and surfacing vulnerabilities in our current products
  • - Conducting threat modeling and security assessments for new features and systems, identifying risks early and shaping secure architectural decisions.
  • - Developing and improving our Automated Tooling: further enhancing our automated tooling to scale our product security capabilities and find potential code problems both before and after we deploy
  • - Making the safe way, the easy way: work on defining and building application guardrails so that developers can build securely by default
  • - Investigating and remediating security issues, including vulnerabilities and incidents, and drive long-term improvements to prevent recurrence
  • - Embedding a culture of secure development across engineering, defining practices that influence how Turnkey builds, deploys, and maintains systems at scale.

Requirements

  • Bachelors degree in Computer Science, Engineering, or a related field
  • 5+ years of experience in application or product security, ideally in fast-moving, high-impact or crypto-native environments
  • Strong understanding of web, mobile, and cryptographic security fundamentals (e.g. OWASP Top Ten, SANS/CWE Top 25)
  • Proficiency in programming and scripting languages (Typescript/Javascript, Go, Rust) and experience building secure systems from the code up
  • Hands-on experience with security testing tools and methodologies (static/dynamic analysis, pen testing, etc.)
  • Strong understanding of cloud, containerized, and runtime environments (AWS, GCP, Docker, Kubernetes), with the ability to embed security early in the SDLC
  • Excellent analytical, problem-solving, and communication skills, with a collaborative mindset for partnering across product and infrastructure teams
  • Curious, proactive, and passionate about building secure, reliable systems in a fast moving startup environment
  • A builder mentality; comfortable operating with ambiguity, tackling incomplete systems, and applying hands-on engineering experience to security challenges.
  • Familiarity with crypto or DeFi systems and their unique security challenges
  • Familiarity with threat modeling frameworks and cloud-native security tooling
Benefits
  • 📊 Check your resume score for this job Improve your chances of getting an interview by checking your resume score before you apply. Check Resume Score
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
application securityproduct securityweb securitymobile securitycryptographic securityTypescriptJavascriptGoRustsecurity testing
Soft Skills
analytical skillsproblem-solvingcommunication skillscollaborative mindsetcuriosityproactivitypassion for securitybuilder mentalityoperating with ambiguityhands-on engineering experience