Position Details

Salary $120K – $165K USD / year

Type Full-Time

Experience senior

Exp. Years Not specified

Education Not specified

Category Cybersecurity

About this role

This role involves managing application security programs, identifying vulnerabilities, and guiding development teams to implement security best practices. The engineer will lead security testing, threat assessments, and incident response efforts.

Key Responsibilities

Manage bug bounty program
Identify and remediate vulnerabilities
Lead threat modeling exercises
Perform security assessments
Mentor engineers on security practices

Technical Overview

The position requires expertise in vulnerability management, penetration testing, security architecture, and security tools such as SAST, SCA, IAST, RASP, and WAF. The candidate will support secure SDLC processes and security incident handling.

Ideal Candidate

The ideal candidate is a senior cybersecurity professional with extensive experience in application security, vulnerability management, and penetration testing. They possess strong knowledge of security tools and secure development practices, and are capable of leading security initiatives and mentoring junior engineers.

Must-Have Skills

Vulnerability ManagementWeb Penetration TestingThreat ModelingIncident ResponseSecurity ToolingSecure SDLCCode reviewsSecurity Architecture

Nice-to-Have Skills

CVSSSASTSCAIASTRASPWAFCNAPPCSPM

Tools & Platforms

SASTSCAIASTRASPWAFCNAPPCSPM

Required Skills

Vulnerability ManagementWeb Penetration TestingThreat ModelingIncident ResponseSecurity ToolingSecure SDLCCode reviewsStatic analysisDynamic analysisSecurity architecture

Hard Skills

Bug bounty programVulnerability ManagementSASTSCAIASTWeb Penetration TestingThreat ModelingRisk AssessmentIncident ResponseSecurity ToolingSASTSCADASTIASTRASPWAFASPMCNAPPCSPMSecure SDLCCode reviewsStatic analysisDynamic analysisCI/CD pipelineSecurity architectureDesign security systemsMentorshipSecure coding practices

Soft Skills

CommunicationLeadershipTeamworkProblem-solvingMentorshipCollaborationEducation

Industry & Role

Industry Technology

Job Function Lead application security initiatives and vulnerability management

Role Subtype Security Engineer

Tech Domains Cybersecurity

Keywords for Your Resume

Application SecurityBug bountyVulnerability ManagementSASTSCAIASTWeb Penetration TestingThreat ModelingRisk AssessmentIncident ResponseSecurity ToolingSecure SDLCCode reviewsStatic analysisDynamic analysisCI/CD pipelineSecurity architectureSecurity principlesVulnerability assessmentPenetration testingSecurity vulnerabilitiesCybersecurityPenetration TestingCode ReviewStatic AnalysisDynamic Analysis

Deal Breakers

Lack of experience in vulnerability management, No knowledge of security testing tools, No experience with secure SDLC, Unwillingness to mentor or lead, No security certifications

Apply for this Position →

Get matched to jobs like this

Luna finds roles that fit your skills and career goals — no endless scrolling required.

Create a Free Profile

Senior Application Security Engineer II

Get matched to jobs like this