Job Description
As a Senior Security Application Engineer, you’ll play a crucial role in protecting our applications and customer data by embedding security best practices into the development lifecycle. If you thrive in a fast-paced environment, have a deep understanding of application security, and love working with diverse technologies, this is the role for you!
What You’ll Do
- Secure Our Applications: Partner with software engineering teams to integrate security best practices into the SDLC.
- Identify & Fix Vulnerabilities: Conduct security assessments, code reviews, and penetration testing using SAST, DAST, and SCA tools.
- Stay Ahead of Threats: Monitor emerging security threats and implement proactive defenses to safeguard sensitive customer data.
- Enhance CI/CD Security: Maintain and improve security tools and processes within CI/CD pipelines for scalable security enforcement.
- Investigate & Respond: Assist in security incident response, mitigating risks and strengthening prevention strategies.
- Educate & Mentor: Guide developers on secure coding practices and foster a security-first culture.
- Document & Communicate: Maintain detailed security documentation and provide regular updates to leadership.
Qualifications
What We’re Looking For
- A security expert with deep knowledge of application security principles and best practices.
- A collaborative partner who can work with developers, product managers, and leadership to align security goals.
- A proactive problem-solver who anticipates threats and designs solutions before issues arise.
- A technical mentor who enjoys educating teams on secure coding and security awareness.
- A detail-oriented professional with strong analytical and documentation skills.
Must-Have Skills & Experience
- 5+ years of experience in application security or a related field.
- Strong programming skills in multiple languages (e.g., C#, Java, Python, JavaScript).
- Proficiency with security tools like SAST (Snyk, Checkmarx, SonarQube), DAST (OWASP ZAP, Burp Suite), and SCA (Snyk, Dependabot).
- Experience securing CI/CD pipelines (e.g., Jenkins, GitLab, Azure DevOps).
- Familiarity with cloud environments (AWS, Azure) and cloud-native security practices.
- Knowledge of security frameworks (OWASP Top 10, NIST, ISO 27001).
- Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
Nice-to-Haves
- 8+ years of experience in security, software development, or a related field.
- Professional certifications such as CISSP, CISM, CEH, or similar.
- Experience working with non-profits, fitness centers, or membership-based organizations.
Additional Information
The salary range for this role is $137,000 - $181,000 per year and includes a variable compensation target of $40,000. Where you fall within the compensation range is based on how you demonstrate the attributes and competencies required for the role. We mostly reserve the upper half of our compensation bands for internal growth. In addition to base salary, we offer a comprehensive benefits package, performance-based incentives, and opportunities for growth.
Daxko is dedicated to pursuing and hiring a diverse workforce. We are committed to diversity in the broadest sense, including thought and perspective, age, ability, nationality, ethnicity, orientation, and gender. The skills, perspectives, ideas, and experiences of all of our team members contribute to the vitality and success of our purpose and values.
We truly care for our team members, and this is reflected in our offices, benefits, and great perks. These perks are only for our full-time team members. Some of our favorites include:
🏝 Flexible paid time off
⚕️ Affordable health, dental, and vision insurance options
💪 Monthly fitness reimbursement
🤑 401(k) matching
🍼 New-Parent Paid Leave
👖 Casual work environments
🏡 Remote work
All your information will be kept confidential according to EEO guidelines.