Senior Application Security Engineer
US Remote
Kaseya
Kaseya's IT Complete is an integrated and cost-effective platform to manage everything in IT and security. Kaseya® is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseya’s best-in-breed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained, strong double-digit growth over the past several years and is backed by Insight Venture Partners (www.insightpartners.com), a leading global private equity firm investing in high-growth technology and software companies that drive transformative change in the industries they serve.
Founded in 2000, Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our award-winning solutions, go to www.Kaseya.com and for more information on Kaseya’s culture, please click here: Kaseya Culture.
Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. We have achieved record levels of success being BOLD, being GRITTY, being ACCOUNTABLE. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers, and the betterment of their careers and long-term financial wealth.
The Senior Application Security Engineer will be responsible for leading the application security initiatives within our organization. This role involves designing, implementing, and maintaining security protocols and practices to protect the company's applications from threats and vulnerabilities. The ideal candidate will have a deep understanding of application security best practices, experience in leading security teams, and the ability to work closely with development teams to ensure security is integrated into the software development lifecycle (SDLC).
Key Responsibilities:
Leadership & Strategy:
- Lead and mentor a team of application security engineers, fostering a culture of security awareness and continuous improvement.
- Develop and implement a comprehensive application security strategy aligned with the organization’s overall security objectives.
- Collaborate with senior management to align security initiatives with business goals.
Security Architecture & Design:
- Design and implement security architecture and frameworks for web, mobile, and cloud applications.
- Conduct security reviews and threat modeling to identify potential security issues during the design phase.
- Establish security guidelines and standards for the development teams to follow.
Security Assessments & Vulnerability Management:
- Lead the execution of application security assessments, including code reviews, penetration testing, and static/dynamic analysis.
- Manage the identification, tracking, and remediation of security vulnerabilities within applications.
- Work closely with development teams to address security issues and provide guidance on secure coding practices.
Development & Automation:
- Integrate security tools and processes into CI/CD pipelines to automate security testing and vulnerability management.
- Develop and maintain security-related automation scripts and tools to enhance the efficiency of the security processes.
- Collaborate with DevOps and development teams to implement secure DevOps (DevSecOps) practices.
Incident Response & Compliance:
- Lead incident response efforts related to application security breaches, including root cause analysis and corrective actions.
- Ensure compliance with relevant security standards and regulations (e.g., OWASP, NIST, GDPR).
- Stay up-to-date with the latest security threats, trends, and technologies, and provide recommendations to mitigate potential risks.
Training & Awareness:
- Develop and deliver security training programs for developers and other stakeholders.
- Promote a security-first mindset across the organization through awareness campaigns and regular communication.
Qualifications:
Education & Experience:
- Bachelor’s degree in Computer Science, Information Security, or a related field (Master’s preferred).
- Minimum of 5+ years of experience in application security.
- Extensive experience in secure software development, threat modeling, and vulnerability management.
Technical Skills:
- Proficient in programming languages such as Java, Python, C#, or JavaScript.
- Deep knowledge of security frameworks, tools, and best practices (e.g., OWASP, SAST/DAST tools).
- Experience with cloud security (AWS, Azure, GCP) and container security (Docker, Kubernetes).
- Strong understanding of network security, cryptography, and authentication protocols.
Soft Skills:
- Strong mentorship and leadership skills.
- Strong analytical and problem-solving abilities.
- Effective communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders.
Preferred Certifications:
- CISSP (Certified Information Systems Security Professional)
- CEH (Certified Ethical Hacker)
- OSCP (Offensive Security Certified Professional)
- CSSLP (Certified Secure Software Lifecycle Professional)
What We Offer:
- Competitive salary and benefits package.
- Opportunities for professional development and career growth.
- A collaborative and innovative work environment.
Join the Kaseya growth rocket ship and see how we are #ChangingLives!
Additional information
Kaseya provides equal employment opportunity to all employees and applicants without regard to race, religion, age, ancestry, gender, sex, sexual orientation, national origin, citizenship status, physical or mental disability, veteran status, marital status, or any other characteristic protected by applicable law.