Cyberhaven · 1 month ago
Senior Application Security Engineer
United States
Full-time
Remote
Senior Level
5+ years expCyberhaven is seeking a passionate cyber security professional to identify and remove threats or vulnerabilities in the environment. The Senior Application Security Engineer will partner with the Cybersecurity-Vulnerability Management and Development teams to ensure optimal implementation of security tools and drive vulnerability remediation efforts.
Artificial Intelligence (AI)Cloud SecurityCyber SecurityInformation TechnologyNetwork SecuritySecurity
Responsibilities
Perform Security Assessments: Conduct regular security assessments, code reviews, and penetration testing to identify vulnerabilities in applications and software
Develop / Implement Security Tools: Design, develop, and implement security tools, frameworks, and methodologies to protect applications against security threats
Collaborate with Development Teams: Work closely with development teams to ensure security best practices are integrated throughout the software development lifecycle (SDLC), including secure coding guidelines
Threat Modeling and Risk Assessment: Conduct threat modeling and risk assessments to proactively identify potential risks and develop mitigation strategies
Vulnerability Management: Supporting role to track, analyze, and manage vulnerabilities in applications, providing guidance and support for remediation efforts
Incident Response Support: Assist in investigating, analyzing, and responding to security incidents related to applications, ensuring timely resolution and documentation of incidents
Stay Current on Security Trends: Continuously stay updated on the latest security threats, vulnerabilities, and technologies to enhance security measures in applications
Qualification
Required
5+ years of software development experience, ideally with exposure to information security or AppSec
Strong grasp of secure coding, threat modeling, and vulnerability management across the SDLC
Proficient in Go, Python, or Java, and experienced with CI/CD pipelines and GitHub
Hands-on with security tools and frameworks (SAST, DAST, SCA—e.g., Snyk, Semgrep, OWASP ZAP, Burp)
Understanding of core Information Security capabilities such as: malware, vulnerabilities, exploits, attacks, firewalls, intrusion detection/prevention systems, etc
SME in at least one of the following: Threat and Vulnerability Management, Incident Response, Threat Hunting/Red Teaming, or Penetration Testing
Able to interpret and prioritize security data, partnering effectively with developers to remediate issues
Strong communicator who can influence and collaborate across engineering and security teams
Preferred
Experience with cloud and container security (GCP, Kubernetes, Docker, Terraform)
Familiarity with endpoint and vulnerability management tools (e.g., CrowdStrike Falcon, Wiz)
Relevant certifications (ISC², ISACA, or GCP) and a degree in Computer Science or related field
Background securing AI infrastructure or model deployments
Strong analytical, time management, and problem-solving skills in fast-paced environments
Company
Cyberhaven
Cyberhaven is an AI-powered data security company focused on detecting and preventing data loss, insider threats, and protecting cloud data.
201-500 employees
H1B Sponsorship
Cyberhaven has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2024 (1)
Funding
Current Stage
Late StageTotal Funding
$236.5MKey Investors
StepStone GroupRedpointAccomplice
2025-04-02Series D· $100M
2024-06-11Series C· $88M
2021-12-14Series B· $33M
Leadership Team
Cristian Zamfir
Co-founder / VP Reliability and Security at Cyberhaven
George Candea
Co-founder & Chief Scientist
Recent News
2026-01-06
2025-11-04
Company data provided by crunchbase