Application Security Engineer

LinearB is a leading software engineering intelligence platform that empowers engineering teams with actionable insights and workflow automation. Our solutions help improve developer productivity and experience, enable predictable project delivery, and drive profitable engineering. Join us to be part of an innovative company driving efficiency and excellence in software development.

We are looking for an experienced and proactive Application Security Engineer to join our Security team. This role is crucial for implementing and maintaining our Secure Software Development Lifecycle (SSDL), working closely with development and DevOps teams.

The ideal candidate will have a strong background in application security, with experience in secure coding practices, security tooling, and cloud infrastructure security.

Responsibilities:

• Build and maintain our Secure Software Development Lifecycle (SSDL) by implementing industry-standard security tools and best practices throughout the development process
• Lead security assessments, including code reviews, vulnerability scanning, and threat modeling to ensure robust application security
• Work closely with development and DevOps teams to implement security practices and automate security testing in our cloud environment (AWS)
• Monitor and respond to security incidents while maintaining and improving our security policies and standards
• Drive security initiatives across the organization and provide guidance on secure coding practices to development teams
• Design and implement security solutions to protect against common web application threats and vulnerabilities
• Deliver security awareness training and build a security-first culture across the engineering organization
  
  

• 5+ years of hands-on experience in Application Security or DevSecOps, preferably in a product company or startup environment
• Strong knowledge of application security concepts, web security protocols, and OWASP Top 10 vulnerabilities
• Experience with security testing tools (SAST, DAST, SCA) and their integration into CI/CD pipelines
• Practical experience with cloud security (AWS) and container security (Kubernetes)
• Working knowledge of at least one programming language (Python, JavaScript, or Bash) for security automation
• Excellent communication skills with the ability to explain security concepts to both technical and non-technical stakeholders
• Experience in delivering effective security training and education to development teams
  
  

• Security certifications (AWS, CISSP, Kubernetes)
• Background in incident response and threat modeling
  
  

• Put the Customer First
• Take Ownership
• One Team
• Show Product Expertise
• Be Data Driven
• Reach for the Next Level
• Listen Curiously & Speak Courageously