Senior Application Security Engineer

Summary

Join Axon and become a Senior Application Security Engineer, driving security initiatives integrated into the software development lifecycle. You will empower development teams with tools and knowledge to build secure applications, acting as a security partner. Leverage your software development background and application security expertise to build scalable security automation and tooling. Work from home as much as you want, living near any of our US R&D hubs. This role requires strong programming skills, experience with modern development workflows, and in-depth understanding of vulnerabilities and secure coding practices. Axon offers competitive salary, 401k matching, paid time off, parental leave, and various health and wellness benefits.

Requirements

• Proficiency in programming languages like Python, Java, Go, or C#
• Strong experience with modern development workflows, including CI/CD pipelines and Git-based version control
• In-depth understanding of vulnerabilities and secure coding practices
• Hands-on experience with security tools like Snyk, Semgrep, or similar
• Ability to simplify and communicate technical security concepts to diverse audiences
• Demonstrated success in partnering with developers to integrate security without disrupting velocity
• Experience performing secure code reviews and interpreting SAST/DAST results
• Familiarity with cloud platforms (AWS, Azure, GCP) and containerization (Docker, Kubernetes)

Responsibilities

• Integrate Security into Development
• Build and maintain security automation tools to seamlessly embed security checks into CI/CD pipelines
• Partner with engineering teams to design secure-by-default architectures and workflows
• Enable Developer Success
• Act as a trusted advisor and partner for development teams, providing actionable guidance to address security
• Deliver training and mentorship on secure coding practices, empowering teams to proactively prevent vulnerabilities
• Proactively Identify Risks
• Deploy and operationalize static (SAST), dynamic (DAST), and dependency (SCA) scanning tools
• Lead vulnerability management efforts, ensuring critical vulnerabilities are identified, prioritized, and remediated
• Advocate for a "security debt" reduction mindset to maintain long-term product integrity
• Champion Security Automation
• Create and enhance tools that automate repetitive tasks and accelerate vulnerability detection and remediation
• Stay ahead of industry trends to evaluate and implement cutting-edge security solutions

Preferred Qualifications

• Contributions to or leadership in open-source security tools
• Relevant certifications

Benefits

• Competitive salary and 401k with employer match
• Discretionary paid time off
• Paid parental leave for all
• Medical, Dental, Vision plans
• Fitness Programs
• Emotional & Mental Wellness support
• Learning & Development programs