Python/Django Senior Application Security Engineer (Hybrid - US) jobs in United States

Energy Solutions · 4 hours ago

Python/Django Senior Application Security Engineer (Hybrid - US)

Energy Solutions is a growing company focused on delivering large-scale energy, carbon, and water-use savings. They are seeking a Senior Application Security Engineer to manage security and risk on internally developed applications, make risk-based decisions on application security, and contribute to the design and upgrade of application security controls.

Information Technology & Services
Growth Opportunities
No H1B

Responsibilities

Contribute to the application security roadmap for our internal applications—prioritize risks and sequence work across codebases, application layer, and DevOps
Consult with engineers to communicate requirements, create actionable tickets/acceptance criteria, and drive adoption
Conduct pull request reviews focused on security, provide guidance on refactors, and approve/deny with clear rationale
Serve as a steward for SAST/scanning: review static code scan results, triage findings, eliminate noise, and drive remediation with owners
Build reference implementations in Django/Python (e.g., authentication patterns, input validation, secrets handling, rate limiting, geo-based access) without direct responsibility for production feature development
Map SOC 2/NIST to engineering work: translate requirements into stories, controls, and automated evidence in CI/CD
Threat modeling & architecture: navigate libraries/architectures and document secure patterns (ADRs/RFCs) that teams follow
Oversee security-related tasks in the Software Delivery Life Cycle (SDLC) to ensure software development activities remain in compliance
Collaborate with software developers and code base leads
Act as a liaison between technical requirements from the business (i.e. security, privacy, compliance) and development teams
Participate as a subject matter expert in security architecture, including new designs and design reviews
Recommend application security improvements based on best practices, OWASP standards and other web application security frameworks
Review architecture and compliance-related code changes for security impact
Ensure compliance with all company security policies and standards
Manage and maintain all security-related tickets, including recommendations, testing, and validation

Qualifications

Django, Python, Application Security, Secure SDLC, GitHub Security, SOC 2, NIST 800-53, AWS Security, Analytical Skills, Communication Skills, Time Management, Interpersonal Skills, Problem-Solving Skills

Required

Minimum of 5 years' experience in application security
Practice and implementation with Django/Python with a clear application-security focus (production experience and impact, not theory)
Engineering background (software or DevOps/SRE) with the ability to read/modify code, review PRs, and build PoCs
Experience with GitHub security, including reviewing static code scans, triaging findings, eliminating noise, and driving remediation with owners
Experience embedding secure SDLC into Git-based workflows and CI/CD (pre-commit, pipeline gates, policy-as-code)
Practical knowledge of SOC 2 and familiarity with NIST 800-53; can turn requirements into technical tasks and evidence
Ability to operate across code, app, and DevOps (containers, IaC basics, secrets, logging/monitoring)
Clear, persuasive communication (verbal and written) and prioritization
Excellent time management skills with a proven ability to meet deadlines
Excellent interpersonal and negotiation skills

Preferred

Bachelor's degree in Computer Science or equivalent work experience preferred
CISSP, GIAC, Security+, AWS Security and other related security certifications
Prior experience reporting to or partnering with a security architect, or being the app-sec lead in a smaller org
Strong organizational skills and attention to detail
Strong analytical and problem-solving skills
Ability to prioritize tasks according to severity
Ability to adapt to the needs of the organization
Proficient in AWS Security services (e.g., CloudWatch, GuardDuty)

Benefits

Generous retirement package
Medical, dental and vision insurance
Other pre-tax contribution plans
Employee Stock Ownership Plan (ESOP)

Company

Energy Solutions

Energy Solutions is a renewables & environment company.

Funding

Current Stage
Growth Stage

Leadership Team

Angela Verdoorn Rodriguez
Chief Financial Officer
Chris Burmester
Chief Operating Officer / Executive Vice President
Company data provided by crunchbase