Crux Security · 5 months ago
Application Security Engineer
Crux Security is a dynamic startup focused on securing humanoid robotics applications. As an Application Security Engineer, you will lead the charge in safeguarding software applications, designing defenses against vulnerabilities, and collaborating with cross-functional teams to ensure a cohesive security posture.
Cyber Security, Network Hardware, Security
Responsibilities
Develop and enforce secure coding standards for humanoid robotics applications (e.g., real-time control GUIs, teleoperation apps, behavior scripting tools), integrating protections like input sanitization, multi-factor authentication, and secure session handling
Conduct threat modeling to pinpoint and neutralize risks—such as SQL injection in telemetry dashboards, XSS in user portals, or API abuse in command interfaces—specific to humanoid robot interactions
Secure RESTful APIs, GraphQL endpoints, and cloud integrations that enable robot-to-cloud communication, implementing OAuth 2.0, JWT, and TLS 1.3 to protect data flows like motion telemetry or voice commands
Partner with software developers to embed security throughout the SDLC, deploying SAST, DAST, and SCA to catch vulnerabilities and third-party risks early
Work with cloud engineers to harden IaC, Kubernetes clusters, and OTA pipelines delivering behavior updates to robots
Collaborate with embedded security engineers to ensure secure handoffs between app-layer controls and firmware
Coordinate with AI/ML teams to protect inference endpoints against data poisoning or model inversion
Lead rigorous testing with SAST (static analysis), DAST (dynamic testing), and SCA (dependency scanning) tools; conduct penetration tests (e.g., exploiting API rate limits) and integrate automated security gates into CI/CD pipelines (e.g., GitLab CI, Jenkins)
Drive rapid response to app-layer breaches—like compromised user portals or OTA hijacking—working cross-functionally to contain, mitigate, and log incidents with tools
Align security with OWASP Top 10, NIST 800-53, and robotics-specific regs, ensuring audit-ready systems
Explore advanced app security paradigms to future-proof our humanoid robots against evolving threats
Qualification
Required
4–6+ years in application security, software engineering, or DevSecOps, ideally in humanoid robotics, IoT, or real-time systems
Demonstrated success securing web, mobile, or cloud apps in production, with hands-on SAST/DAST/SCA experience
Expertise in secure coding with Python, Java, or Go; familiarity with C/C++ for ROS integration a plus
Mastery of security tools: SAST, DAST, & SCA
Strong grasp of API security, encryption, and cloud platforms
Proficiency with CI/CD and container security
Experience with robotics frameworks like ROS/ROS 2 for app-to-robot communication a plus
Bachelor's degree in Computer Science, Cybersecurity, or related field (Master's or certs like CSSLP, GWAPT preferred)
Skilled at partnering with software, cloud, embedded, and AI teams, driving security consensus in a robotics context
Startup-savvy—proactive, innovative, and passionate about securing humanoid robotics applications
Preferred
Background in securing human-robot interfaces (e.g., gesture UIs, voice controls)
Experience with AI-driven app security or real-time teleoperation systems
Company
Crux Security
Crux Security provides tools for developing and managing security programs for growing companies.
Funding
Current Stage
Early Stage
Company data provided by Crunchbase