Jobs · himalayas

B

Senior Application Security Engineer

Vantage Compute · United States · Posted 30d ago

remotesenior5-8 yrsEstimated 100k-231k USD
Apply on himalayas

About the role

Lead application security assessments and embed security into the SDLC by partnering with engineering teams.

About us: Vantage Compute is on a mission to empower workers with financial freedom. We do this by helping companies accelerate payments and providing working Americans with accessible, free financial services. We’re committed to building and delivering more inclusive, transparent, and frictionless financial products. Our goal of empowerment extends to our own employees, too. Have a great idea? Share it today and it might just get implemented tomorrow. As a member of our team, your voice and creativity matter—and they can directly impact our products, company, and culture. We not only focus on attracting great talent from across the country, but also on building teams that help that talent thrive. That means valuing a diversity of opinions and working styles, while creating a shared belief in innovation, initiative, and winning together. Come join our team as we develop new ways to improve the lives of working Americans. About the role: Vantage Compute is seeking an experienced Security professional to join our team. This position will work in all aspects of security, so broad security knowledge is preferred. The ideal candidate will have a background in securing applications, networks, cloud environments, and corporate devices. Responsibilities include, but are not limited to: Embed security into the SDLC by partnering with Engineering to implement secure design patterns, conduct threat modeling, and deliver developer-focused AppSec training Lead and perform application security assessments including SAST, DAST, SCA, and manual code review across web, mobile, and API surfaces Drive API security across internal and external services — including authentication, authorization, rate limiting, and abuse prevention controls Own and mature the vulnerability management program, including prioritization frameworks, SLA tracking, and cross-functional remediation coordination Champion software supply chain security initiatives, including SBOM generation, dependency risk analysis, and third-party component vetting Assist GRC with technical third-party risk reviews and vendor security assessments Respond to and lead security incidents in a measured, programmatic, and timely manner — from identification through post-incident review Implement and iterate on security automation and orchestration to improve detection, response, and coverage at scale Implement, monitor, and continuously improve security controls across cloud infrastructure, endpoints, and the product Assess and mitigate AI-specific security risks across Vantage Compute 's use of LLMs and AI-powered features, including prompt injection, model abuse, and insecure output handling Qualifications: 5–7 years of experience in a security engineering or application security role, ideally within a fintech or high-growth startup environment Strong communication skills — able to translate technical risk clearly for both engineering audiences and senior leadership Hands-on SAST/DAST experience; familiarity with tools such as Semgrep, Snyk, Checkmarx, Burp Suite Pro, or equivalents Demonstrated ability to independently work security incidents end-to-end — including malware, phishing, DLP events, and API abuse Experience securing cloud-native environments, including IAM, container/Kubernetes workloads, and serverless functions Solid working knowledge of API security standards (OWASP API Top 10, OAuth 2.0/OIDC, JWT hardening) Experience with mobile application security testing (iOS/Android) is a plus Familiarity with security frameworks including SOC 2, PCI-DSS, NIST CSF, and OWASP SAMM Scripting proficiency in Python and/or Bash for automation and tooling; experience with security orchestration platforms (e.g., Tines, XSOAR, Torq) is a plus Strong ethics and discretion — this role regularly handles confidential and sensitive information Familiarity with AI/LLM security risks and emerging standards (OWASP LLM Top 10, MITRE ATLAS) — including prompt injection, data leakage through model outputs, and supply chain risks introduced by third-party AI services Security certifications a plus (OSCP, GWEB, CISSP, SANS GWAPT, etc.) Compensation: The base salary range for this role is $180-190k. The salary range displayed reflects an average base salary range for the position across all the U.S. The base salary offered to an applicant could be higher or lower based on each applicant's specific skill set, depth of experience, relevant education or training, etc. Location: This position is classified as REMOTEwithin the United States of America. We are unable to hire candidates located outside of the domestic U.S. Benefits: Market-leading medical, dental, and vision insurance Stock options Free Premium-Tier Origin Financial Wellness subscription Monthly home-office stipend 401k (TransAmerica) 12-weeks paid parental leave for birthing and non-birthing parents Flexible time off + sick and safe time 11 paid company holidays Working at Vantage Compute A remote-first company with employees located throughout the U.S., Vantage Compute

Read the full posting on himalayas

FAQ

Is the Senior Application Security Engineer role at Vantage Compute remote?+

This Senior Application Security Engineer position is listed as remote (United States).

What is the salary for the Senior Application Security Engineer role at Vantage Compute?+

The listing states Estimated 100k-231k USD.

What seniority level is this Senior Application Security Engineer role?+

This is a senior level position.

How do I apply for the Senior Application Security Engineer role at Vantage Compute?+

Use the "Apply on himalayas" button to open the original posting on himalayas, where you can submit your application directly to Vantage Compute.