Jobs · himalayas
Senior Application Security Engineer
Lumen Dynamics · Australia, Canada, France, Germany, Netherlands, United Kingdom, United States · Posted 24d ago
About the role
Own the application security program, identifying risks and driving initiatives for improvement.
Lumen Dynamics is a continuous controls monitoring (CCM) platform that helps organizations automate and scale their security, risk, and compliance programs. We are at an inflection point, transitioning from startup execution to a disciplined, enterprise-ready engineering organization, and we are building the team that will take us there. As a platform handling sensitive security and regulatory data for enterprise and government customers, security is not a compliance checkbox at Lumen Dynamics . It is a core engineering discipline woven into how we build software. The Role This is a high autonomy role for a seasoned security engineer who thrives at the center of a complex engineering organization. You are the primary application security practitioner at Lumen Dynamics . You identify where the risk is, build the strategy to address it, and drive initiatives from concept to measurable improvement without a team beneath you and without direct authority over the engineers you depend on to execute. Your reach spans all of engineering including Core Engineering, Platform and AI, Compliance as Code, Quality Engineering, SRE, Infrastructure, and the external security team. You succeed by making engineers more security conscious and embedding security into how software is designed, built, and deployed rather than finding vulnerabilities after the fact. Lumen Dynamics serves enterprises and government agencies under frameworks like FedRAMP, NIST, and CMMC. This role reports into SRE and Infrastructure and requires deep technical security expertise combined with the organizational influence and end to end ownership mindset needed to make security a shared engineering value. Key Responsibilities Own the application security program end to end, identifying risks, setting priorities, building strategy, aligning stakeholders, driving implementation across engineering teams, and measuring outcomes. Conduct threat modeling and security design reviews early in the development process, embedding security thinking into architecture and feature design before code is written. Partner with developers across all engineering teams to shift security left, coaching on secure coding practices, reviewing code for vulnerabilities, and building security awareness as a shared engineering capability rather than a specialized handoff. Integrate security tooling and automated security checks into CI/CD pipelines including static analysis, dependency scanning, and secrets detection, ensuring actionable security signals. Own vulnerability management across the platform, triaging findings from internal testing, external assessments, and tooling, prioritizing remediation based on risk, and driving resolution to completion. Lead and coordinate penetration testing and security assessments, working with internal and external resources to scope, execute, and translate findings into engineering action. Define and maintain secure development standards and patterns that engineering teams can adopt, covering areas such as authentication, authorization, API security, and data-handling. Bridge engineering and the external security team, translating security requirements into engineering priorities and engineering constraints into security strategy, ensuring both sides operate with shared context and mutual accountability. Support compliance and regulatory requirements including FedRAMP, NIST, and enterprise customer security obligations, working with the Compliance as Code team to ensure security controls are implemented and evidenced effectively. Assess and address security risks introduced by AI features and integrations, including prompt injection, data exposure through AI interfaces, and third-party model risks, working closely with the Platform and AI team to ensure AI capabilities are built and deployed securely. Build visibility into the security posture of the platform through metrics, dashboards, and reporting that inform engineering leadership and support customer and auditor conversations. Required Qualifications 10 or more years of application security experience with a demonstrated track record of owning security programs and driving initiatives end to end across complex engineering organizations. Deep expertise across the application security domain including threat modeling, secure design review, vulnerability assessment, penetration testing, and secure development practices. Proven ability to operate as a solo practitioner or small team lead, setting priorities independently, managing competing demands, and delivering outcomes without close supervision. Strong experience influencing engineering teams without direct authority, building credibility through technical depth, clear communication, and practical solutions that fit the realities of product delivery. Experience integrating security into CI/CD pipelines and modern software delivery practices, with a shift left mindset that prioritizes prevention over detection. Solid understanding of cloud security princip
Read the full posting on himalayas →
FAQ
Is the Senior Application Security Engineer role at Lumen Dynamics remote?+
This Senior Application Security Engineer position is listed as remote (Australia, Canada, France, Germany, Netherlands, United Kingdom, United States).
What is the salary for the Senior Application Security Engineer role at Lumen Dynamics?+
The listing states Estimated 100k-231k USD.
What seniority level is this Senior Application Security Engineer role?+
This is a senior level position.
How do I apply for the Senior Application Security Engineer role at Lumen Dynamics?+
Use the "Apply on himalayas" button to open the original posting on himalayas, where you can submit your application directly to Lumen Dynamics.