CrawlJobs Logo
Uber Logo Uber · IT - Software Development

Senior Software Engineer - Application Security

United States, Seattle Employment contract 202000.00 - 224000.00 USD / Year · Job Posted April 23, 2026
Apply Position
Job Link Share

Job Description

Uber is seeking a Senior Software Engineer to join our Application Security team as we evolve our defensive capabilities through advanced automation. You will help scale the traditional AppSec model of finding vulnerabilities manually to a fully automated and autonomous system. In this role, you will be tasked with designing, implementing, and deploying security automation that secures AI implementations within our applications and leverages model-driven analysis to detect security vulnerabilities—such as XSS, SQLi, CSRF, and SSRF—across Uber’s entire organization. You will use your software engineering skills to raise the security bar across all mobile and web apps at Uber while exploring the use of automation to generate exploits and validate vulnerabilities at scale. This is a unique opportunity to work with all levels of engineers, making a real impact on Uber’s security posture and up-leveling your own engineering skills while building specialized security knowledge. Note: you will have access to unlimited model usage for your work!

Job Responsibility

  • Design end-to-end features and autonomous systems for Agent & MCP Security, Code Scanning, and Vulnerability Remediation applications
  • Develop security automation capable of identifying vulnerabilities and performing automated exploit validation across Uber's microrepository landscape
  • Collaborate and consult with multiple engineering teams and stakeholders from Privacy, Security, Compliance, Infrastructure, and Product for integration into our security platforms
  • Design and develop new systems, such as automated security scoring and repository-to-service mapping, to empower fast, data-driven security decisions
  • Build distributed backend systems, including workflows, that serve real-time analytics and security features at Uber scale
  • Mentor junior engineers and lead technical design reviews for high-impact security projects

Requirements

  • Understanding of Agents, MCP servers, and LLMs
  • BS/BE degree in Computer Science or related fields
  • 5+ years of experience in software engineering
  • Experience building applications from end to end
  • Hands-on experience with Go, Java, C, or Python (Uber heavily utilizes Go)
  • Deep knowledge of datastore technologies, including RDBMS and NoSQL systems
  • Experience implementing REST or gRPC APIs
  • Service design and architecture experience
  • Implementation of secure system design, including authentication, authorization, and encryption

Nice to have

  • Experience with distributed messaging systems such as Kafka and building real-time data pipelines
  • Experience designing, implementing, and deploying production-quality systems with high availability
  • Experience building integrations with open source and vendor products
  • Familiarity with securing agentic workflows within software applications
  • Master's in Computer Science, Engineering, or a related field

What we offer

  • Bonus program
  • Equity award
  • 401(k) plan
  • Various benefits
Uber - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Senior Software Engineer - Application Security

8 matching positions

Full stack Software Engineer and Senior Full stack Software Engineer - Microsoft Security

We have multiple positions open for Full stack Software Engineers and Senior Ful...
Location
Location
Israel , Tel Aviv, Herzliya
Salary
Salary:
Not provided
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • B.Sc. or M.Sc. in computer science, software engineering, or equivalent experience
  • 7+ years of professional hands-on software development experience, primarily focused on developing and designing backend services in cloud or on-premises environments
  • proven hands-on experience in front-end development, including building scalable, user-facing applications using modern libraries and frameworks (e.g., React, Angular, or Vue)
  • experience taking initiative, map product/feature requirements, dependencies, and deliverables
Job Responsibility
Job Responsibility
  • Contribute to business-critical initiatives in Microsoft Security
  • Use deep technical skills and the ability to quickly adapt to new areas
  • Improve the end-to-end lifecycle of services
  • Analyze complex system behavior, and apply modern engineering practices to streamline deployments and reduce costs
  • Work on high-end technologies and collaborating across disciplines to deliver impactful features
  • Collaborate with multiple teams across Microsoft to deliver key customer solutions and support technology
  • Fulltime
Read More
Arrow Right

Senior Security Engineer, Application Security

Application Security enables 1Password to build and deliver secure products with...
Location
Location
United States; Canada
Salary
Salary:
156000.00 - 210000.00 USD; CAD / Year
https://www.1password.com Logo
1Password
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of career experience in IT or Engineering with a security focus
  • Passion for and strong experience with any of: bug bounty programs, vulnerability research, validation, remediation or pentesting
  • Experience with internal tool development and engineering enablement
  • Strong foundational understanding of software development principles, and are comfortable reading and writing code
  • Work well in a team environment with positive communications amongst a variety of technical and non-technical stakeholders
  • Comfortable owning and setting technical direction for small to medium sized initiatives
  • Adaptable and resilient, thriving in fast-paced environments with shifting priorities
Job Responsibility
Job Responsibility
  • Design, build, integrate and scale new security solutions to power our vulnerability management program
  • Develop and maintain tools that correlate, enrich, and prioritize security vulnerability findings from multiple data sources
  • Develop and maintain comprehensive dashboards and reporting metrics around our vulnerability management program, tailored to different audiences (technical, non-technical, compliance, senior leadership, etc.)
  • Conduct detailed analysis used to inform security development teams to eliminate classes of vulnerabilities
  • Partner with product and development teams to improve vulnerability triage workflows, validate findings, and come up with remediation strategies consistent with good user experiences
  • Contribute to the design of risk-scoring and SLA models that align with business priorities
  • Mentor other engineers and help shape the evolution of our vulnerability management strategy
What we offer
What we offer
  • Health benefits
  • Dental benefits
  • 401k/RRSP
  • Generous PTO policy
  • Equity grant
  • Incentive programs
  • Maternity and parental leave top-up programs
  • Retirement matching program
  • Free 1Password account
  • Paid volunteer days
  • Fulltime
Read More
Arrow Right

Senior Security Engineer - Application Security

This is an opportunity to join K's critical InfoSec team as a Senior Security En...
Location
Location
United States , New York
Salary
Salary:
150000.00 - 185000.00 USD / Year
khealth.com Logo
K Health
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Information Security, Cloud Security, IT Security, and/or Application Security
  • Strong expertise in cloud technology (AWS, GCP, or Azure), modern programming languages, utilization of generative coding utilities, and the security implications of utilizing AI code development utilities
  • Demonstrated experience researching, establishing, and successfully rolling out enterprise-wide security policies and guidelines
  • Proven experience establishing a cutting-edge security posture, particularly within the regulated healthcare technology field
  • Excellent communication skills, capable of translating complex security risks into clear, actionable advice for technical and non-technical stakeholders
  • Expertise in compliance, security, and regulatory areas such as
  • HIPAA, PHI, AKS, SOC 2, ISO, GDPR, etc.
  • Flexibility in covering a rotation for critical on-call support responsibilities
Job Responsibility
Job Responsibility
  • Lead the development and implementation of robust application security protocols throughout the entire Software Development Lifecycle (SDLC)
  • Design, deploy, and continuously monitor cloud security architecture across our cloud environments, ensuring performance and resilience
  • Manage the security posture of K’s core IT infrastructure, internal networks, and perimeter defenses, mitigating threats before they impact operations
  • Ensure adherence to relevant healthcare regulatory and compliance requirements (e.g., HIPAA, GDPR, etc.) across all product lines and systems
  • Conduct proactive vulnerability assessments, penetration tests, and security reviews to identify and remediate potential weaknesses in our platforms
  • Collaborate with engineering teams to integrate security tools and practices into continuous integration/continuous deployment (CI/CD) pipelines
What we offer
What we offer
  • Hybrid work schedule with weekly lunches and stocked fridges
  • Monthly social committees for company events
  • 18 vacation days, 9 company holidays, 5 sick days, and 2 personal days
  • Stock options for every full-time employee
  • Paid parental leave
  • 401k benefit
  • Commuter Benefits
  • Competitive health, dental, and vision insurance options
  • Fulltime
Read More
Arrow Right

Senior Application Security / Product Security Engineer

We are seeking an experienced Application Security / Product Security Engineer t...
Location
Location
India , Mumbai
Salary
Salary:
Not provided
Galaxy Office Automation Pvt. Ltd.
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong understanding of Application Security and Product Security principles
  • Experience with secure SDLC practices
  • Hands-on experience performing security testing for Web applications, APIs, Mobile apps, Thick client applications
  • Knowledge of cloud platforms (AWS / Azure / GCP) and cloud security architecture
  • Experience performing security design reviews and threat modeling
  • Familiarity with OWASP Top 10, API Security Top 10, and common vulnerability classes
  • Experience using security tools such as SAST, DAST, SCA
  • API testing tools
  • Good working knowledge of Excel for tracking vulnerabilities, metrics, and reporting
  • Strong task management and stakeholder coordination skills
Job Responsibility
Job Responsibility
  • Integrate security practices into the Software Development Lifecycle (SDLC)
  • Perform application security design reviews for new and existing products
  • Conduct manual and automated security testing of Web applications, REST / GraphQL APIs, Mobile applications (Android / iOS), Thick client / desktop applications
  • Identify vulnerabilities such as OWASP Top 10, authentication issues, authorization flaws, and API security risks
  • Review cloud architecture and deployments (AWS, Azure, GCP) for security best practices
  • Work with development teams to prioritize and remediate vulnerabilities
  • Perform threat modeling and security architecture assessments
  • Track vulnerabilities, remediation status, and risk metrics using Excel or vulnerability management tools
  • Support secure coding practices and developer security awareness
  • Manage multiple security assessments and coordinate tasks across teams
  • Fulltime
Read More
Arrow Right

Software Engineer / Senior Software Engineer

ARiA is looking for highly motivated self-starters and low-ego team players to j...
Location
Location
United States , Madison; Alexandria; Seattle
Salary
Salary:
Not provided
ariacoustics.com Logo
Applied Research in Acoustics
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Applicants selected for employment will be subject to a government security investigation and must meet eligibility requirements, including U.S. citizenship, for access to sensitive information
  • Bachelor’s degree or greater in a relevant technical field (Computer Science, Engineering, or equivalent)
  • Expertise designing and developing code using modern programming/scripting languages such as C, C++, Golang, JavaScript (and variants), and Python
  • Expertise developing and deploying software in an agile, continuous-integration (CI) framework across a variety of hardware platforms (desktop, server, cloud) using modern tools including containerization (e.g., Docker, Kubernetes)
  • Exceptional ability and desire to acquire new knowledge and skills to solve challenges
  • Ability to work independently but collaboratively
  • Ability to manage multiple projects in a fast-paced professional office environment
  • Ability to communicate technical solutions to colleagues and customers
  • Superior oral and written communications skills
Job Responsibility
Job Responsibility
  • Algorithm and software design, development, research, and testing to support prototypes and products
  • Supporting the transition of research algorithms to fielded systems
  • Preparing documentation to summarize design and status of prototypes and products
  • Assisting with in-field integration, testing, and support, with some local travel required
  • Developing an interface between a C++ underwater-acoustics physics engine and a video game for education and training
  • Developing a JavaScript backend for a scenario-design and management tool for players and integration of that system with a learning-management system (LMS)
  • Developing algorithms and software for a cloud-deployed cognitive tool that allows natural-language query of legal documents to answer user questions about government regulations and supporting the DevOps process for deployment of the prototype
  • Fulltime
Read More
Arrow Right

Senior Security Engineer and Principal Security Engineer

The Microsoft Windows Security team is looking for a learn-it-all security engin...
Location
Location
United States , Redmond
Salary
Salary:
119800.00 - 234700.00 USD / Year
https://www.microsoft.com/ Logo
Microsoft Corporation
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Master's Degree in Statistics, Mathematics, Computer Science, or related field AND 3+ years experience in security or related field OR Bachelor's Degree in Statistics, Mathematics, Computer Science, or related field AND 4+ years experience in security or related field OR equivalent experience
  • Ability to meet Microsoft, customer and/or government security screening requirements
  • Microsoft Cloud Background Check upon hire/transfer and every two years thereafter
  • 2+ years identifying vulnerabilities in operating systems and/or native (C/C++) applications
  • 5+ years of experience in a software engineering or security-related engineering
  • Demanstrated experience in security research, especially around vulnerability discovery
  • Experience exploiting bugs and bypassing security mitigations in operating systems
  • Familiarity with Microsoft Windows architecture
Job Responsibility
Job Responsibility
  • Participate in security reviews to identify and mitigate risk in Microsoft products, including design reviews, code reviews, and fuzzing
  • Be the security contact for teams building new innovative products and technologies in the next version of Windows and devices
  • Identify security vulnerabilities in a wide variety of key OS features such as network protocols, security features, and Microsoft devices
  • Leverage a broad and current understanding of security to devise new protections
  • Interact with the external security community and security researchers
  • Collaborate with product teams to improve security, and articulate the business value of security investments
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

We are seeking an experienced Application Security Engineer to join our team tha...
Location
Location
Egypt , Cairo
Salary
Salary:
Not provided
coca-colahellenic.com Logo
Coca-Cola HBC
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years in information security and 2+ years in software development
  • Bachelor’s degree in computer science, Information Security, or related field, or equivalent
  • At least one Cyber Security related certification, (e.g. ISC2 CISSP, EC-Council CEH, ISACA’s CSX, Microsoft Azure Security Associate, AWS Certified Security Specialty)
  • Any Application Security certification, (e.g. EC-Council CASE, ISC2 CSSLP, OffSec OWSA, GIAC CWAD)
  • Dedicated and proactive, finding opportunities and leading initiatives independently
  • Deep understanding of enterprise, cloud and cloud-native architectures and their secure design
  • Skilled in multiple programming languages (e.g., .NET, JavaScript, Python)
  • Proven expertise in guiding security development and code evaluations and providing actionable, risk-based technical recommendations
  • Knowledge of application security best practices such as OWASP Top 10, OWASP SAMM/DSOMM, OWASP ASVS/MASVS
  • Expertise in network and web protocols (TCP/IP, TLS, HTTPS, OAuth 2.0, OpenID Connect) and common attack vectors
Job Responsibility
Job Responsibility
  • Advance the application security strategy through multi-functional initiatives and cultural influence
  • Lead security initiatives across the SDLC and improve development practices through scalable automation
  • Conduct and guide security requirements and threat modeling early in design phases
  • Partner with product management, platform engineering, development and cyber defense teams to align business goals with security needs
  • Lead security architecture, design and code reviews
  • Perform hands-on security testing to identify risks and drive remediation with development teams
  • Drive software supply chain security practices to ensure protection against code, build, and artifact tampering across the CI/CD pipeline
  • Balance business and security risks through technically grounded, pragmatic recommendations
  • Translate lessons learned into reusable organizational assets that enhance overall security posture
  • Mentor engineers and practitioners, promoting secure-by-default thinking and shared accountability
What we offer
What we offer
  • Coaching and mentoring programs
  • Development opportunities
  • Equal opportunity employer
  • Learning programs
  • Work with iconic brands
  • Supportive team
  • Volunteering Opportunities
  • Wellbeing program
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

We are hiring an Application Security Engineer to join our Infrastructure & Secu...
Location
Location
United States
Salary
Salary:
170000.00 - 210000.00 USD / Year
onebrief.com Logo
Onebrief
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Application Security, Cybersecurity Engineering, Software Engineering or a related field
  • U.S. citizenship required
  • A strong understanding of Linux, containerization and orchestration, and virtual machines
  • Networking fundamentals: core protocols and secure configurations
  • A deep understanding of incident response processes
  • Clear, concise writing
  • strong documentation habits and async communication
  • Core skills and technologies: Javascript/Browser security, Network Security, Firewalls, Intrusion Detection, Static Analysis, Dynamic Analysis, Container Scanning, Kubernetes, Docker, Helm, Ansible, Terraform, Linux, AWS, DoD compliance, Monitoring and Observability tools
  • 5+ years experience in Cybersecurity, Software Engineering and/or DevOps
  • Familiarity with DevOps practices, CI/CD
Job Responsibility
Job Responsibility
  • Find Vulnerabilities in our Software: Bring an attacker’s mindset to review PRs, perform code audits, and utilize static analysis to identify vulnerable code patterns
  • Fix Vulnerabilities Across the Full Stack: Think like an adversary to find, fix, prevent or patch vulnerabilities from browser to kernel
  • Improve the Security Posture of Infrastructure: Review identity and access management, logging, auditing, monitoring to help craft a layered defense
  • Make the Team Stronger: Mentor other engineers on best security practices, share news of vulnerable libraries and compromises, engage with community on active threats and trends
What we offer
What we offer
  • Equity: Share in the company's success
  • Flexible Work Environment: Remote-first organization* with flexible work hours and unlimited PTO
  • Comprehensive Health Coverage: Health, dental, vision, and life insurance
  • Retirement Plan: 401(k) plan with company match
  • Parental Leave: 8 weeks at 100% regardless of state
  • Company Retreats: Annual company summit trips
  • Home Office Budget: $1,000 per year for home office improvements
  • Fulltime
Read More
Arrow Right