Skills
What companies are looking for in this role.
Conducting threat modeling and secure design reviews to identify architectural security risks
Performing manual code reviews and static analysis to identify security vulnerabilities
Integrating security controls into CI/CD pipelines and development workflows
Designing and implementing secure coding standards and guidelines for development teams
Managing vulnerability identification, triage, and remediation processes
Conducting security architecture reviews and implementing security controls across infrastructure
Writing secure code and building security libraries and reusable security components
Architecting authentication and authorization mechanisms including RBAC and ABAC systems
Implementing DevSecOps practices and secure infrastructure-as-code patterns
Securing cloud-native applications and Kubernetes infrastructure
Evaluating and securing software supply chains including SBOM creation and management
Establishing and maintaining compliance with security standards and regulatory requirements
Performing exploit writing and creating exploit chains to validate vulnerabilities
Implementing secrets management and secure credential handling practices
Securing AI and machine learning systems including LLM architectures and training data pipelines
Designing secure controls for emerging AI technologies and novel security risks
Performing security assessments on AI agents and agentic AI systems
Protecting enterprise knowledge graphs and securing multi-tenant AI platforms
Collaborating cross-functionally with engineering, DevOps, and platform teams
Mentoring and training engineers on secure coding practices and security-first mindset
Communicating security risks and vulnerabilities clearly to technical and non-technical stakeholders
Acting as subject matter expert and technical liaison across security and engineering teams
Building scalable security programs and driving organizational security culture
Balancing pragmatism with security rigor in fast-paced engineering environments
Leading incident response activities and vulnerability disclosure programs
Technology
The tools and technologies that define this role.
Open Jobs
40 open Application Security Engineer jobs across 21 companies.
Other Security roles
Secures cloud infrastructure, networks, and systems.
Generalist security engineering role spanning multiple security domains. For security engineers who work across application, infrastructure, and cloud security without a single dominant specialization. The default home for "Security Engineer" titles when the function is clearly Security.
Builds detection systems, investigates security incidents, and leads incident response efforts.
Conducts offensive security assessments including red teaming, penetration testing, and adversarial simulation.
Designs and maintains identity infrastructure, authentication systems, and access control policies.