CrawlJobs Logo

Application Security Engineer – AI & Cloud

https://www.roberthalf.com Logo

Robert Half

Location Icon

Location:
United States , Minneapolis

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

This role is the first dedicated Application Security hire on a growing security team and will build the AppSec function from the ground up. The focus is hands-on, practitioner-level application security with SAST and DAST at the core, strong API security fundamentals, and close partnership with developers. The environment is SaaS-heavy and AWS-native with no on-prem applications. This role embeds security directly into modern development workflows, including AI-assisted coding using tools like Cursor and GitHub Copilot, ensuring secure application, API, and cloud delivery at scale.

Job Responsibility:

  • Own and operate the organization’s SAST and DAST programs end-to-end
  • Design, deploy, tune, and mature SAST and DAST tooling across development and release pipelines
  • Review application code, including AI-generated code, to identify vulnerabilities, insecure patterns, secrets exposure, and data handling risks
  • Partner directly with software developers to triage findings, prioritize remediation, and validate fixes
  • Act as a trusted AppSec partner to engineering, not a gatekeeper
  • Perform application and API security reviews across internally developed and SaaS-integrated systems
  • Evaluate authentication, authorization, transport security, rate limiting, session handling, logging, and data exposure risks
  • Assess externally exposed applications and APIs for secure design and release readiness
  • Support secure AWS application patterns including IAM, secrets management, logging, networking, and containerized workloads
  • Help centralize and improve secrets management using AWS Secrets Manager and enterprise tooling
  • Translate security requirements into practical, developer-friendly guidance
  • Help govern AI-assisted development by defining guardrails for acceptable use of AI coding tools
  • Review AI-enabled workflows for security risks including prompt misuse, data leakage, and insecure implementation
  • Build repeatable security review criteria and documentation aligned to NIST and SOC 2 expectations

Requirements:

  • 5+ years of experience in Application Security, Security Engineering, DevSecOps, or secure software development
  • Hands-on experience with SAST, DAST, secrets scanning, and dependency review in enterprise environments
  • Strong knowledge of API security — authentication, authorization, transport security, and data handling risks
  • Working knowledge of AWS security fundamentals — IAM, logging, encryption, networking, and secrets management
  • Experience securing or governing AI-assisted development tools such as Cursor, GitHub Copilot, or similar
  • AWS fundamentals including IAM, secrets management, logging, and networking
  • Experience embedding security controls into SDLC and CI/CD pipelines
  • Strong documentation skills — ability to produce defensible standards and audit-ready evidence for NIST and SOC 2
  • Excellent verbal and written communication skills
  • ability to work effectively with developers, architects, and business stakeholders

Nice to have:

  • Experience with MuleSoft or SaaS integration security platforms
  • Familiarity with CrowdStrike Falcon Suite, Snyk, or Veracode
  • Microsoft / M365 security experience
  • Exposure to FINRA, SOX, or other financial services regulatory frameworks
  • DSPM familiarity
What we offer:
  • medical, vision, dental, and life and disability insurance
  • eligibility to enroll in our company 401(k) plan

Additional Information:

Job Posted:
May 11, 2026

Icon
Robert Half - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Application Security Engineer – AI & Cloud

Senior AI Security Engineer

Senior AI Security Engineer role in Citi's Application, Platform and Engineering...
Location
Location
United Kingdom , London
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Production system builder with security focus - proven track record of architecting and building secure, large-scale production applications and business-facing platforms from the ground up
  • Ethical hacking and penetration testing expertise - hands-on experience finding and exploiting vulnerabilities, conducting red team exercises
  • State-of-the-art security engineering with Go, Python, JavaScript
  • HashiCorp Vault mastery - deep experience writing custom plugins, creating secrets engines, implementing dynamic credentials
  • Enterprise authentication & authorization - designing and implementing OAuth, JWT, RBAC, and complex identity systems
  • API security and threat modelling - securing REST/GraphQL APIs, conducting threat assessments
  • AI/ML security and vulnerability research - understanding of LLM vulnerabilities, model security, prompt injection attacks
  • Security automation and tooling – automating manual security processes
  • Cloud-native security - securing containerized applications in Kubernetes, service mesh security
  • Incident response and forensics - experience investigating, analyzing, and responding to security incidents
Job Responsibility
Job Responsibility
  • Build secure AI products from 0-1 - Engineer production-grade, business-facing AI platforms with security built-in from day one
  • Conduct ethical hacking and red team activities - penetration testing, vulnerability research, and attack simulation
  • Design and build security tools and frameworks - Create automated security solutions that scale across fast-paced development cycles
  • Secure novel AI attack surfaces - Identify and mitigate LLM-specific vulnerabilities, prompt injection attacks, and AI model security risks
  • Lead 'shift left' security - Embed security practices throughout rapid development lifecycle while maintaining velocity
  • Mentor security practices - Guide other engineers on secure coding, vulnerability remediation, and security-first thinking
What we offer
What we offer
  • 27 days annual leave (plus bank holidays)
  • Discretional annual performance related bonus
  • Private Medical Care & Life Insurance
  • Employee Assistance Program
  • Pension Plan
  • Paid Parental Leave
  • Special discounts for employees, family, and friends
  • Hybrid working model (up to 2 days working at home per week)
  • Competitive base salary (annually reviewed)
  • Fulltime
Read More
Arrow Right

AppSec & AI Security Architect

Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s or Master’s degree in Cybersecurity, Computer Science, or Engineering
  • 10+ years of experience in application or product security architecture, preferably in large enterprise or SaaS environments
  • Proven expertise in secure application and API design, cloud-native security, and DevSecOps enablement
  • Proven expertise in secure application and API design, WAAP, and ASPM solutions
  • Strong experience with Kubernetes (K8s), containerization, and service mesh architectures
  • Hands-on experience implementing or governing GitOps pipelines and policy-as-code frameworks (e.g., OPA/Gatekeeper, Kyverno)
  • Knowledge of Zero Trust, data protection, and modern identity standards (OIDC, OAuth2)
  • Familiarity with AI/ML security risks, model governance, and responsible AI adoption
  • Deep knowledge of OWASP ASVS, NIST CSF, ISO 27034, and CIS Controls
  • Desired Certifications: CISSP, CSSLP, SABSA, CCSP, CKA (Certified Kubernetes Administrator), or CCSK.
Job Responsibility
Job Responsibility
  • Defining and maintaining secure application architecture patterns, reference designs, and reusable components across enterprise and cloud-native ecosystems
  • Performing architecture risk assessments and threat modeling for major application programs, APIs, and platforms
  • Leading adoption of Web Application and API Protection (WAAP) controls and Application Security Posture Management (ASPM) tools to enable continuous risk visibility and compliance
  • Embedding security controls in SDLC and CI/CD pipelines, including SAST, DAST, SCA, IaC, and container scanning
  • Designing and governing security for Kubernetes-based and containerized workloads, including service mesh and runtime protection
  • Developing and enforcing standards for API and microservices security, including authentication, authorization, and token lifecycle management (OAuth2, OIDC, mTLS)
  • Establishing secure-by-default configurations for CI/CD and GitOps pipelines (e.g., ArgoCD, Flux, Jenkins, GitHub Actions)
  • Partnering with engineering teams to design secure cloud-native and hybrid architectures across AWS, Azure, and GCP
  • Providing security guidance for applications leveraging AI/ML or LLM capabilities, such as input/output sanitization, model integrity, and data protection
  • Establishing application security KPIs, governance models, and maturity metrics
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion.
  • Fulltime
Read More
Arrow Right

Cloud Application Developer with AI expertise

Cloud Application Developer with AI expertise role at Hewlett Packard Enterprise...
Location
Location
India , Chennai
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in computer science, engineering, information systems, or closely related quantitative discipline
  • Master's desirable
  • Typically 4-7 years' experience
  • Strong programming skills in Python, Java, Golang, or JavaScript
  • Good understanding of distributed systems, event-driven programming paradigms, and designing for scale and performance
  • Proven experience in designing, developing, and maintaining real-time data pipelines using Apache Kafka
  • Strong understanding of Kafka architecture and expertise in developing Kafka Stream Application
  • Experience with cloud-native applications, developer tools, managed services, and next-generation databases
  • Knowledge of DevOps practices like CI/CD, infrastructure as code, containerization, and orchestration using Kubernetes
  • Good written and verbal communication skills and agile in a changing environment
Job Responsibility
Job Responsibility
  • Analyse feature specifications and determine required coding, testing, and integration activities
  • Design and develop moderate to complex cloud application modules per feature specifications adhering to security policies
  • Identify debug and create solutions for issues with code and integration into application architecture
  • Develop and execute comprehensive test plans for features adhering to performance, scale, usability, and security requirements
  • Deploy cloud-based systems and applications code using continuous integration/deployment (CI/CD) pipelines to automate cloud applications' management, scaling, and deployment
  • Contribute towards innovation and integration of new technologies into projects
  • Analyze science, engineering, business, and other data processing problems to develop and implement solutions to complex application problems, system administration issues, or network concerns
What we offer
What we offer
  • Health & Wellbeing benefits
  • Personal & Professional Development programs
  • Unconditional Inclusion environment
  • Comprehensive suite of benefits supporting physical, financial and emotional wellbeing
  • Fulltime
Read More
Arrow Right

Senior Information Security Engineer

Serve as a technical leader in our Security team reporting to our Information Se...
Location
Location
United States , Boston
Salary
Salary:
150000.00 - 190000.00 USD / Year
whoop.com Logo
Whoop
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Information Security, or a related technical field and/or advanced certifications (CISSP, CISM, AWS Security Specialty, SANS, etc.)
  • 8+ years of hands-on experience in Information Security, IT Security, or a related role, including at least 2 years in a senior or lead capacity
  • Proven track record implementing and managing advanced security technologies (e.g., CASB, CNAPP, CSPM, SIEM, SOAR, DLP, SWG)
  • Experience securing AI/ML systems or APIs, including governance of third-party AI integrations and organizational use of AI tools
  • Strong understanding of modern cloud security architecture (AWS, Azure, GCP) and experience performing threat modeling and risk assessments on cloud-based systems
  • Hands-on experience with application security tooling (SAST, SCA, DAST) and embedding secure development practices
  • Demonstrated leadership in security incident response, investigations, and root cause analysis
  • Effective communicator with the ability to influence stakeholders and explain security concepts to technical and non-technical audiences
  • Strong project management skills and the ability to drive initiatives to completion in a fast-paced environment
  • Experience mentoring engineers and setting operational standards
Job Responsibility
Job Responsibility
  • Implement and enhance security controls by leading the deployment, integration, and tuning of solutions such as CNAPP, SIEM, CASB, EDR, DLP, and MDM to maximize effectiveness
  • Support security design decisions by providing subject matter expertise on cloud and SaaS security best practices while influencing architecture led by the Security Architect role
  • Lead incident response and investigations by guiding containment, remediation, root cause analysis, and post-incident improvements
  • Strengthen application security by overseeing secure development practices and managing SAST, SCA, and DAST tooling
  • Advance identity and access management by supporting IAM policy enforcement, SSO, MFA, SCIM, RBAC, and user lifecycle governance
  • Secure AI systems and integrations by assessing and protecting embedded APIs and organizational AI tool usage to ensure resilience, privacy, and compliance
  • Collaborate cross-functionally by working with Engineering, IT, and GRC teams to embed security into systems and workflows
  • Mentor and influence by providing technical guidance, reviewing work, and promoting security-first thinking across the organization
  • Stay ahead of threats and regulations by tracking emerging risks, technologies, and compliance requirements to inform forward-looking strategies
  • Participate in and help improve the on-call rotation by providing guidance, escalation support, and driving improvements in response processes
What we offer
What we offer
  • competitive base salaries
  • meaningful equity
  • generous equity package
  • Fulltime
Read More
Arrow Right

Staff Product Security Engineer

We’re looking for a Staff Product Security Engineer to lead the design and imple...
Location
Location
United States
Salary
Salary:
184000.00 - 252000.00 USD / Year
alpha-sense.com Logo
AlphaSense
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in product, application, or cloud security engineering
  • Deep understanding of secure SDLC, threat modeling, and secure architecture design
  • Proven expertise with AWS cloud security concepts and best practices
  • Strong experience with container security, orchestration, and runtime protection
  • Proficiency in Python, Java, and/or JavaScript for security automation, code review, and tooling
  • Experience securing AI/ML pipelines, data workflows, or model-serving infrastructure
  • Familiarity with DevSecOps and continuous integration/deployment environments
Job Responsibility
Job Responsibility
  • Embed robust security practices throughout the software and AI development lifecycle (SDLC)
  • Lead secure design reviews, threat modeling, and risk assessments for AI-driven products, APIs, and backend services
  • Partner with engineering and product teams to ensure security, privacy, and compliance by design
  • Build and maintain security automation and governance frameworks that integrate seamlessly into development workflows
  • Architect and enforce security controls for AI/ML systems, including model training, data pipelines, and inference environments
  • Identify and mitigate AI-specific attack vectors such as data poisoning, model inversion, prompt injection, and model theft
  • Collaborate with governance and compliance teams to align with ethical AI principles and frameworks like NIST AI RMF and the EU AI Act
  • Implement model provenance, integrity, and auditability controls to ensure responsible and secure AI operations
  • Partner with DevOps and SRE teams to secure service meshes, container networking, and secrets management
  • Drive software supply chain security, including artifact integrity, dependency management, and vulnerability reduction
What we offer
What we offer
  • Competitive compensation, benefits, and career growth opportunities
  • Opportunity to shape and drive product security strategy
  • Collaborative and security-minded engineering culture
  • Work on cutting-edge security challenges in a fast-growing company
  • Performance-based bonus, equity, and a generous benefits program
  • Fulltime
Read More
Arrow Right

Security Engineer

As a Security Engineer, you will play a crucial role in safeguarding Dashlane’s ...
Location
Location
France , Paris
Salary
Salary:
Not provided
dashlane.com Logo
Dashlane
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Good understanding of application security best practices, including experience with threat modeling and risk assessments
  • Demonstrated experience building or improving an SDLC program
  • Familiarity with CI/CD pipelines and their security implications
  • Familiarity with cloud infrastructure (e.g., AWS, Azure, Kubernetes), and Infrastructure-as-Code (e.g., Terraform)
  • Interest in enabling secure use of AI tools to drive efficiency, creativity, and impact internally
  • Communication & Collaboration: You engage and listen empathetically to others, adjusting your communication style to fit the audience and message. You are experienced in communicating with technical and non-technical audiences
  • Motivated Learner: You learn new technologies and processes quickly, and understand where to look for knowledge when you need it
  • Adaptability: you’re comfortable digging into non-technical parts of the business to provide security support and guidance
Job Responsibility
Job Responsibility
  • Drive the continuous improvement of Dashlane’s security program across the product and company
  • Conduct architecture design reviews, threat modeling, and technical security assessments of Dashlane’s product (application and infrastructure) to identify security risks and provide mitigation guidance
  • Ensure security best practices are integrated throughout the software development lifecycle (SDLC)
  • Build upon and scale Vulnerability Management to ensure the team can track, analyze, and manage vulnerabilities and their remediation
  • Perform risk assessments of Dashlane’s internal systems, environments, assets, and data, and implement security best practices accordingly
  • Evaluate and implement security tooling and/or build customized tooling in-house where necessary
  • Participate in Compliance and Incident Response
  • Innovate and propose new forward-looking security features that protect Dashlane and our users
What we offer
What we offer
  • Equal Parental leave - regardless of gender, up to 20 weeks fully paid leave to take care of their new baby, within the first year of birth or adoption
  • Health insurance covered by Dashlane
  • Mentorship program - select your mentor from our internal pool and continue your learning path!
  • Commute allowance
  • Meal Vouchers (Swile)
  • Mental health services through Spring Health for you and family members
  • 4 extra days off (one per quarter) to acknowledge the importance of your wellbeing
  • Spot in daycare
  • Time off saving account
  • Donation matching program - give back to the community and support actions that lead to positive social impact under the historically marginalized communities. Every donation will be matched by Dashlane
Read More
Arrow Right

Principal Engineering Manager - Applied AI

We are looking for a Principal Engineering Manager to join our growing Applied A...
Location
Location
United States , Seattle
Salary
Salary:
240870.00 - 297652.00 USD / Year
highspot.com Logo
Highspot
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in Generative AI and Agentic AI systems, including LLMs, context engineering, and modern vector-based retrieval systems
  • 4+ years working as an engineering manager
  • 8+ years working as a professional software developer
  • A great understanding of Generative AI systems, best practices and experience in shipping Agentic AI into distributed, data-intensive production systems
  • Experience developing and operating Cloud services at enterprise scale
  • Strong programming skills in Java, Python, C#, Typescript or equivalent programming language
  • Substantial depth and breadth of management experience to lead and grow an Applied AI team
  • Great collaboration with teams with different backgrounds/expertise/functions
  • Expertise in full product lifecycle
  • technical designs, project planning, iterative implementation, and successful product launches
Job Responsibility
Job Responsibility
  • Lead a team of Applied AI engineers that works at the bleeding edge of Generative AI to solve high-impact business challenges
  • Apply Generative AI to solve hard unsolved challenges in the application of Agentic AI to real-world business challenges
  • Grow, coach, build and scale the Applied AI team
  • Drive operational excellence to achieve enterprise-grade scale, reliability, security, cost-efficiency and performance
  • Drive technical direction for building a safe, scalable and reliable Agentic AI platform for all of Highspot
  • Communicate complex concepts and the results of analyses in a clear and effective manner to technical and non-technical audiences
  • Collaborate with other team members and cross-functionally to share knowledge and discuss initiatives
What we offer
What we offer
  • Comprehensive medical, dental, vision, disability, and life benefits
  • Health Savings Account (HSA) with employer contribution
  • 401(k) Matching with immediate vesting on employer match
  • Flexible PTO
  • 8 paid holidays and 5 paid days for Annual Holiday Week
  • Quarterly Recharge Fridays (paid days off for mental health recharge)
  • 18 weeks paid parental leave
  • Access to Coaches and Therapists through Modern Health
  • 2 volunteer days per year
  • Commuting benefits
  • Fulltime
Read More
Arrow Right

Staff Product Security Engineer

As a Staff Product Security Engineer, you will play a crucial role in safeguardi...
Location
Location
France , Paris
Salary
Salary:
Not provided
dashlane.com Logo
Dashlane
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong understanding of application security best practices, including experience with threat modeling and risk assessments
  • Demonstrated experience building or improving an SDLC program
  • Familiarity with CI/CD pipelines and their security implications
  • Familiarity with cloud infrastructure (e.g., AWS, Azure, Kubernetes), and Infrastructure-as-Code (e.g., Terraform)
  • Interest in enabling secure use of AI tools to drive efficiency, creativity, and impact internally
  • Communication & Collaboration: You engage and listen empathetically to others, adjusting your communication style to fit the audience and message. You are experienced in communicating with technical and non-technical audiences
  • Mentoring: You enjoy using your knowledge and experience to support and uplevel those around you
  • Motivated Learner: You learn new technologies and processes quickly, and understand where to look for knowledge when you need it
  • Adaptability: You are a jack or jane of all trades - you’re comfortable digging into non-technical parts of the business to provide security support and guidance
Job Responsibility
Job Responsibility
  • Drive the continuous improvement of Dashlane’s security program across the product and company
  • Conduct architecture design reviews, threat modeling, and technical security assessments of Dashlane’s product (application and infrastructure) to identify security risks and provide mitigation guidance
  • Ensure security best practices are integrated throughout the software development lifecycle (SDLC)
  • Build upon and scale Vulnerability Management to ensure the team can track, analyze, and manage vulnerabilities and their remediation
  • Perform risk assessments of Dashlane’s internal systems, environments, assets, and data, and implement security best practices accordingly
  • Evaluate and implement security tooling and/or build customized tooling in-house where necessary
  • Participate in Compliance and Incident Response
  • Innovate and propose new forward-looking security features that protect Dashlane and our users
What we offer
What we offer
  • Equal Parental leave - regardless of gender, up to 20 weeks fully paid leave to take care of their new baby, within the first year of birth or adoption
  • Health insurance covered by Dashlane
  • Mentorship program - select your mentor from our internal pool and continue your learning path!
  • Commute allowance
  • Meal Vouchers (Swile)
  • Mental health services through Spring Health for you and family members
  • 4 extra days off (one per quarter) to acknowledge the importance of your wellbeing
  • Spot in daycare
  • Time off saving account
  • Donation matching program - give back to the community and support actions that lead to positive social impact under the historically marginalized communities. Every donation will be matched by Dashlane
  • Fulltime
Read More
Arrow Right