Raptor Technologies
Raptor was founded in 2002 and has partnered with more than 60,000 schools in 55 different countries, including 5,300+ K‑12 U.S. school districts, to provide integrated visitor, volunteer, attendance, dismissal, emergency management, and safeguarding software and services covering the complete spectrum of school and student safety. We are passionate about our mission to protect every child, every school, every day!
About the Role As an Application Security Engineer at Raptor Technologies, you will report directly to the Chief Information Security Officer and be responsible for safeguarding the organization’s SaaS platforms and internal applications. You will identify, validate, and remediate vulnerabilities across a variety of environments while ensuring adherence to Service Level Objectives (SLOs). The role requires strong technical expertise in modern application security tools, testing methodologies, and secure software development practices.
Responsibilities
Perform application security testing (SAST, DAST, SCA, and manual validation) to identify vulnerabilities in web, API, and SaaS applications
Validate reported vulnerabilities from internal scans, bug bounty programs, and third‑party testing vendors (e.g., NetSPI, BugCrowd, HackerOne)
Partner with development and DevOps teams to triage, remediate, and verify fixes for confirmed issues
Manage and track SLOs for vulnerability response and remediation in alignment with security SLAs
Configure, optimize, and maintain the latest AppSec tools and integrations, including but not limited to:
SAST: Checkmarx, Veracode, GitHub Advanced Security
DAST: Burp Suite, Invicti, OWASP ZAP
SCA/Dependency Management: Snyk, Mend, or Dependabot
Cloud/SaaS Security: Wiz, Orca, Netskope
Collaborate with DevSecOps to integrate automated testing into CI/CD pipelines
Maintain dashboards, reports, and KPIs to track open vulnerabilities, SLO compliance, and remediation progress
Support compliance and audit activities related to application security (SOC 2, ISO 27001, PCI)
Contribute to secure coding guidelines, security training, and awareness programs for developers
Stay current on emerging threats, tools, and best practices within the AppSec ecosystem
Success Criteria
Reduction in high‑severity vulnerabilities within targeted SLOs
Increased automation coverage across development pipelines
Positive engagement and collaboration with development and DevOps teams
Continuous improvement of AppSec tools and processes
Required Skills & Experience
5+ years of experience in application security, penetration testing, or secure software development
Strong understanding of OWASP Top 10, CWE, and common web application vulnerabilities
Hands‑on experience with AppSec toolchains (SAST, DAST, SCA, IAST, and container scanning tools)
Ability to perform manual testing to confirm and validate automated findings
Experience with CI/CD pipelines (GitHub Actions, Jenkins, GitLab CI) and security integrations
Experience tracking and managing vulnerabilities in JIRA, ServiceNow, or similar platforms
Familiarity with SaaS security, OAuth, and API testing frameworks (Postman, Insomnia)
Strong documentation, communication, and cross‑functional collaboration skills
Preferred Skills
Experience with bug bounty programs (e.g., BugCrowd, HackerOne)
Knowledge of cloud platforms (AWS, GCP, Azure) and their security models
Relevant certifications (e.g., OSWE, GWAPT, CEH, CSSLP, CISSP, or similar)
Experience establishing or improving AppSec SLO metrics and dashboards
What's in it for you?
You join the gold standard in school safety software.
You will join a company where innovation and customer collaboration are part of what drives new product development to help keep kids safe.
You will work with diverse teams made up of some of the best minds in the industry.
You will get exposure to strong mentorship and leadership that have supported a long history of career advancement opportunities for our employees.
Your access to benefits:
Remote‑first philosophy
Flexible paid time off
Paid parental leave
11 paid holidays per year
Workplace flexibility
Affordable health coverage (medical, dental, vision), paid 100% for employee only medical
401(k) employer contribution to help you plan for the future
Company‑paid life insurance, STD, and LTD
Pet insurance
If you are a resident of California, Colorado, New Jersey, New York or Washington, please reach out to hr@raptortech.com for a reasonable estimate of annual base compensation and any eligible incentive compensation. The actual compensation offered to successful candidates for roles may be higher or lower, based on non‑discriminatory criteria including but not limited to relevant professional experience, geographic location, knowledge, skills, and abilities. This range will be reviewed on a regular basis.
Raptor Technologies is an Equal Opportunity Employer, providing equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, veteran status, or any other characteristic protected by applicable federal, state, or local law. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, compensation, training, promotion, transfer, leaves of absence, and termination.
Seniority Level Mid‑Senior level
Employment Type Full‑time
Job Function Information Technology
Industries Technology, Information and Internet
#J-18808-Ljbffr
About the Role As an Application Security Engineer at Raptor Technologies, you will report directly to the Chief Information Security Officer and be responsible for safeguarding the organization’s SaaS platforms and internal applications. You will identify, validate, and remediate vulnerabilities across a variety of environments while ensuring adherence to Service Level Objectives (SLOs). The role requires strong technical expertise in modern application security tools, testing methodologies, and secure software development practices.
Responsibilities
Perform application security testing (SAST, DAST, SCA, and manual validation) to identify vulnerabilities in web, API, and SaaS applications
Validate reported vulnerabilities from internal scans, bug bounty programs, and third‑party testing vendors (e.g., NetSPI, BugCrowd, HackerOne)
Partner with development and DevOps teams to triage, remediate, and verify fixes for confirmed issues
Manage and track SLOs for vulnerability response and remediation in alignment with security SLAs
Configure, optimize, and maintain the latest AppSec tools and integrations, including but not limited to:
SAST: Checkmarx, Veracode, GitHub Advanced Security
DAST: Burp Suite, Invicti, OWASP ZAP
SCA/Dependency Management: Snyk, Mend, or Dependabot
Cloud/SaaS Security: Wiz, Orca, Netskope
Collaborate with DevSecOps to integrate automated testing into CI/CD pipelines
Maintain dashboards, reports, and KPIs to track open vulnerabilities, SLO compliance, and remediation progress
Support compliance and audit activities related to application security (SOC 2, ISO 27001, PCI)
Contribute to secure coding guidelines, security training, and awareness programs for developers
Stay current on emerging threats, tools, and best practices within the AppSec ecosystem
Success Criteria
Reduction in high‑severity vulnerabilities within targeted SLOs
Increased automation coverage across development pipelines
Positive engagement and collaboration with development and DevOps teams
Continuous improvement of AppSec tools and processes
Required Skills & Experience
5+ years of experience in application security, penetration testing, or secure software development
Strong understanding of OWASP Top 10, CWE, and common web application vulnerabilities
Hands‑on experience with AppSec toolchains (SAST, DAST, SCA, IAST, and container scanning tools)
Ability to perform manual testing to confirm and validate automated findings
Experience with CI/CD pipelines (GitHub Actions, Jenkins, GitLab CI) and security integrations
Experience tracking and managing vulnerabilities in JIRA, ServiceNow, or similar platforms
Familiarity with SaaS security, OAuth, and API testing frameworks (Postman, Insomnia)
Strong documentation, communication, and cross‑functional collaboration skills
Preferred Skills
Experience with bug bounty programs (e.g., BugCrowd, HackerOne)
Knowledge of cloud platforms (AWS, GCP, Azure) and their security models
Relevant certifications (e.g., OSWE, GWAPT, CEH, CSSLP, CISSP, or similar)
Experience establishing or improving AppSec SLO metrics and dashboards
What's in it for you?
You join the gold standard in school safety software.
You will join a company where innovation and customer collaboration are part of what drives new product development to help keep kids safe.
You will work with diverse teams made up of some of the best minds in the industry.
You will get exposure to strong mentorship and leadership that have supported a long history of career advancement opportunities for our employees.
Your access to benefits:
Remote‑first philosophy
Flexible paid time off
Paid parental leave
11 paid holidays per year
Workplace flexibility
Affordable health coverage (medical, dental, vision), paid 100% for employee only medical
401(k) employer contribution to help you plan for the future
Company‑paid life insurance, STD, and LTD
Pet insurance
If you are a resident of California, Colorado, New Jersey, New York or Washington, please reach out to hr@raptortech.com for a reasonable estimate of annual base compensation and any eligible incentive compensation. The actual compensation offered to successful candidates for roles may be higher or lower, based on non‑discriminatory criteria including but not limited to relevant professional experience, geographic location, knowledge, skills, and abilities. This range will be reviewed on a regular basis.
Raptor Technologies is an Equal Opportunity Employer, providing equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, veteran status, or any other characteristic protected by applicable federal, state, or local law. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, compensation, training, promotion, transfer, leaves of absence, and termination.
Seniority Level Mid‑Senior level
Employment Type Full‑time
Job Function Information Technology
Industries Technology, Information and Internet
#J-18808-Ljbffr