Branch
501 - 1000 employees
Founded 2014
🔌 API
🤝 B2B
☁️ SaaS
💰 $282M Series F on 2022-02
API • B2B • SaaS
Branch is a mobile growth company that provides a comprehensive growth platform designed to maximize the value of digital strategies. Their services focus on improving customer engagement, optimizing advertising performance through sophisticated attribution, and ensuring compliance with data protection regulations. Serving over 100,000 companies from startups to Fortune 500 brands, Branch helps businesses create seamless user experiences across various channels, drive conversions, and achieve significant growth in mobile apps and engagement metrics.
Senior Application Security Engineer
Job not on LinkedIn
🕒 April 15
🇺🇸 United States – Remote
💵 $180k - $190k / year
⏰ Full Time
🟠 Senior
💻 Application Engineer
🦅 H1B Visa Sponsor
📊 Check your resume score for this job
Improve your chances of getting an interview by checking your resume score before you apply.
Branch
501 - 1000 employees
Founded 2014
🔌 API
🤝 B2B
☁️ SaaS
💰 $282M Series F on 2022-02
API • B2B • SaaS
Branch is a mobile growth company that provides a comprehensive growth platform designed to maximize the value of digital strategies. Their services focus on improving customer engagement, optimizing advertising performance through sophisticated attribution, and ensuring compliance with data protection regulations. Serving over 100,000 companies from startups to Fortune 500 brands, Branch helps businesses create seamless user experiences across various channels, drive conversions, and achieve significant growth in mobile apps and engagement metrics.
📋 Description
• Embed security into the SDLC by partnering with Engineering to implement secure design patterns, conduct threat modeling, and deliver developer-focused AppSec training • Lead and perform application security assessments including SAST, DAST, SCA, and manual code review across web, mobile, and API surfaces • Drive API security across internal and external services — including authentication, authorization, rate limiting, and abuse prevention controls • Own and mature the vulnerability management program, including prioritization frameworks, SLA tracking, and cross-functional remediation coordination • Champion software supply chain security initiatives, including SBOM generation, dependency risk analysis, and third-party component vetting • Assist GRC with technical third-party risk reviews and vendor security assessments • Respond to and lead security incidents in a measured, programmatic, and timely manner — from identification through post-incident review • Implement and iterate on security automation and orchestration to improve detection, response, and coverage at scale • Implement, monitor, and continuously improve security controls across cloud infrastructure, endpoints, and the product • Assess and mitigate AI-specific security risks across Branch's use of LLMs and AI-powered features, including prompt injection, model abuse, and insecure output handling
🎯 Requirements
• 5–7 years of experience in a security engineering or application security role, ideally within a fintech or high-growth startup environment • Strong communication skills — able to translate technical risk clearly for both engineering audiences and senior leadership • Hands-on SAST/DAST experience; familiarity with tools such as Semgrep, Snyk, Checkmarx, Burp Suite Pro, or equivalents • Demonstrated ability to independently work security incidents end-to-end — including malware, phishing, DLP events, and API abuse • Experience securing cloud-native environments, including IAM, container/Kubernetes workloads, and serverless functions • Solid working knowledge of API security standards (OWASP API Top 10, OAuth 2.0/OIDC, JWT hardening) • Experience with mobile application security testing (iOS/Android) is a plus • Familiarity with security frameworks including SOC 2, PCI-DSS, NIST CSF, and OWASP SAMM • Scripting proficiency in Python and/or Bash for automation and tooling; experience with security orchestration platforms (e.g., Tines, XSOAR, Torq) is a plus • Strong ethics and discretion — this role regularly handles confidential and sensitive information • Familiarity with AI/LLM security risks and emerging standards (OWASP LLM Top 10, MITRE ATLAS) — including prompt injection, data leakage through model outputs, and supply chain risks introduced by third-party AI services • Security certifications a plus (OSCP, GWEB, CISSP, SANS GWAPT, etc.)
🏖️ Benefits
• Market-leading medical, dental, and vision insurance • Stock options • Free Premium-Tier Origin Financial Wellness subscription • Monthly home-office stipend • 401k (TransAmerica) • 12-weeks paid parental leave for birthing and non-birthing parents • Flexible time off + sick and safe time • 11 paid company holidays
Apply NowSimilar Jobs
🕒 April 15
Field Application Engineer providing technical support to Aerospace & Defense for PCB design and manufacturing. Focusing on DFM and collaboration with customer engineering teams in a remote capacity.
🕒 April 12
Field Application Engineer collaborating with customers to integrate Voltai's hardware systems. Providing technical support and translating requirements for design teams.
🕒 April 10
Applications Engineer at Phillips transforming technical education in CNC machining and CAM programming. Bridging the gap between raw hardware and peak manufacturing performance with expert technical support.
🕒 April 10
Technical Application Engineer collaborating with Sales Directors to scope and recommend technical solutions for utility customers. Delivering demonstrations and providing comprehensive support across sales processes.
🕒 April 9
Senior Application Security Engineer securing the development pipeline and customer environment at Temporal. Collaborating with engineering teams to integrate security principles and improve developer experience.
🇺🇸 United States – Remote
💵 $140k - $175k / year
💰 $75M Series B on 2023-02
⏰ Full Time
🟠 Senior
💻 Application Engineer
🦅 H1B Visa Sponsor
