Imprint
Senior Application Security Engineer
Imprint, San Francisco, California, United States, 94199
Overview
Senior Application Security Engineer at Imprint. This role focuses on designing and implementing security practices within applications, conducting testing, and enabling engineering teams to proactively address vulnerabilities. This range is provided by Imprint. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range
$170,000.00/yr - $220,000.00/yr Location
This is a hybrid role, splitting your time between remote work and 2–3 days per week on-site at our New York City, San Francisco or Seattle offices (as required by your manager). What You’ll Do
Conduct systematic threat modeling (e.g., leveraging the MITRE ATT&CK framework) to identify risks, define attack paths, and propose mitigations early in the development lifecycle. Perform in-depth security architecture reviews to ensure applications and microservices follow secure design principles. Collaborate with engineering teams to conduct code reviews, pinpoint vulnerabilities, and champion OWASP Top 10 best practices. Integrate SAST and DAST into CI/CD pipelines, ensuring continuous and automated detection of security flaws. Analyze testing reports and guide teams toward swift, effective remediation strategies. Perform or coordinate targeted penetration tests on critical applications and systems. Document findings and partner with engineers to implement sustainable fixes. Advise on symmetric and asymmetric encryption mechanisms to safeguard data at rest and in transit. Oversee secure key management, ensuring cryptographic libraries and protocols are properly utilized. Develop and deliver training on secure coding fundamentals and OWASP principles. Lead the shift-left security movement by embedding security considerations in early stages of development—a strong development background is required to effectively collaborate and coach. Investigate and document application-focused security incidents. Maintain and refine incident response playbooks, integrating lessons learned into ongoing improvements. Align AppSec practices with PCI DSS, SOC 2, and relevant frameworks to support regulatory audits. Work closely with Risk, Fraud, and Compliance teams to ensure continuous alignment between engineering, security, and business goals. What We Look For
5+ years in cybersecurity, specifically focused on Application Security. Hands-on coding experience and familiarity with modern development stacks (e.g., microservices, REST APIs, containerized environments). Proficiency with SAST/DAST tools, threat modeling methodologies (e.g., MITRE ATT&CK), cryptography concepts (key management, encryption standards), and cloud security services (AWS, GCP, or Azure). Excellent communication, collaboration, and problem-solving skills in a fast-paced, cross-functional setting. Nice To Have
Industry certifications (CISSP, CSSLP, OSCP, CEH) and experience with compliance frameworks (PCI DSS, SOC 2, ISO 27001). Exposure to fintech/payments environments. Perks & Benefits
Competitive compensation and equity packages Flexible paid time off Fully covered, high-quality healthcare, including fully covered dependent coverage Additional health coverage includes access to One Medical and the option to enroll in an FSA 16 weeks of paid parental leave for the primary caregiver and 8 weeks for all new parents Access to industry-leading technology across all of our business units Imprint is committed to a diverse and inclusive workplace. Imprint is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. Imprint welcomes talented individuals from all backgrounds who want to build the future of payments and rewards. If you are passionate about FinTech and eager to grow, let’s move the world forward, together. Compensation Range: $170K - $220K Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology
#J-18808-Ljbffr
Senior Application Security Engineer at Imprint. This role focuses on designing and implementing security practices within applications, conducting testing, and enabling engineering teams to proactively address vulnerabilities. This range is provided by Imprint. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more. Base pay range
$170,000.00/yr - $220,000.00/yr Location
This is a hybrid role, splitting your time between remote work and 2–3 days per week on-site at our New York City, San Francisco or Seattle offices (as required by your manager). What You’ll Do
Conduct systematic threat modeling (e.g., leveraging the MITRE ATT&CK framework) to identify risks, define attack paths, and propose mitigations early in the development lifecycle. Perform in-depth security architecture reviews to ensure applications and microservices follow secure design principles. Collaborate with engineering teams to conduct code reviews, pinpoint vulnerabilities, and champion OWASP Top 10 best practices. Integrate SAST and DAST into CI/CD pipelines, ensuring continuous and automated detection of security flaws. Analyze testing reports and guide teams toward swift, effective remediation strategies. Perform or coordinate targeted penetration tests on critical applications and systems. Document findings and partner with engineers to implement sustainable fixes. Advise on symmetric and asymmetric encryption mechanisms to safeguard data at rest and in transit. Oversee secure key management, ensuring cryptographic libraries and protocols are properly utilized. Develop and deliver training on secure coding fundamentals and OWASP principles. Lead the shift-left security movement by embedding security considerations in early stages of development—a strong development background is required to effectively collaborate and coach. Investigate and document application-focused security incidents. Maintain and refine incident response playbooks, integrating lessons learned into ongoing improvements. Align AppSec practices with PCI DSS, SOC 2, and relevant frameworks to support regulatory audits. Work closely with Risk, Fraud, and Compliance teams to ensure continuous alignment between engineering, security, and business goals. What We Look For
5+ years in cybersecurity, specifically focused on Application Security. Hands-on coding experience and familiarity with modern development stacks (e.g., microservices, REST APIs, containerized environments). Proficiency with SAST/DAST tools, threat modeling methodologies (e.g., MITRE ATT&CK), cryptography concepts (key management, encryption standards), and cloud security services (AWS, GCP, or Azure). Excellent communication, collaboration, and problem-solving skills in a fast-paced, cross-functional setting. Nice To Have
Industry certifications (CISSP, CSSLP, OSCP, CEH) and experience with compliance frameworks (PCI DSS, SOC 2, ISO 27001). Exposure to fintech/payments environments. Perks & Benefits
Competitive compensation and equity packages Flexible paid time off Fully covered, high-quality healthcare, including fully covered dependent coverage Additional health coverage includes access to One Medical and the option to enroll in an FSA 16 weeks of paid parental leave for the primary caregiver and 8 weeks for all new parents Access to industry-leading technology across all of our business units Imprint is committed to a diverse and inclusive workplace. Imprint is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. Imprint welcomes talented individuals from all backgrounds who want to build the future of payments and rewards. If you are passionate about FinTech and eager to grow, let’s move the world forward, together. Compensation Range: $170K - $220K Seniority level
Mid-Senior level Employment type
Full-time Job function
Information Technology
#J-18808-Ljbffr