Senior Security Engineer II, Application Security

🕒 June 25

☕ Washington – Remote

info

💵 $175k - $245k / year

⏰ Full Time

🟠 Senior

💻 Application Engineer

🦅 H1B Visa Sponsor

info
Apply Now
Find Similar Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Logo of Smartsheet

Smartsheet

1001 - 5000 employees

Founded 2005

☁️ SaaS

⚡ Productivity

🤝 B2B

SaaS • Productivity • B2B

Smartsheet is a platform designed to manage projects, automate workflows, and build solutions at scale. It offers a wide range of features including automation, team collaboration, dashboards and reporting, and integrations, allowing businesses to streamline their operations. The platform caters to diverse use cases such as project management, IT portfolio management, marketing management, and more, serving various industries including government, finance, and healthcare. Smartsheet also emphasizes security and data protection, ensuring users' data privacy. Additionally, it offers professional services like consulting, training, and implementation support to maximize the platform's capabilities.

📋 Description

• Conduct security reviews and threat modeling of AI-integrated product features (LLM workflows, agentic pipelines, model APIs) with working knowledge of AI-specific risk classes including prompt injection, model manipulation, and runtime control gaps; and in parallel, deploy AI and automation as a force multiplier by building tooling, pipelines, and integrations that extend the team's reach, accelerate triage, and drive risk visibility at a scale manual effort alone cannot achieve. • Own end-to-end security assessments for high-risk features and services (threat modeling, architecture review, targeted code review, and security testing) embedded in the product development lifecycle. Work directly with engineering teams to surface and close risk before it ships, with enough technical credibility to influence design decisions, not just document findings. • Operate and evolve the security scanning controls embedded in Smartsheet's GitLab pipelines (SAST, SCA, secrets, IaC scanning). Tune tools, engage teams on findings, and build automation that reduces false positive burden and improves how developers experience security feedback. • Serve as the expert validation layer for Smartsheet's bug bounty program, reproducing and assessing complex, multi-step researcher submissions requiring authenticated context and deep platform knowledge, making defensible severity and payout decisions, and owning program operations including researcher engagement, metrics, and continuous improvement.

🎯 Requirements

• 8+ years in application security, with a track record of owning complex, multi-capability work in a product security or AppSec engineering role. • Fluent in one or more modern languages (Java, Python, TypeScript/JavaScript, Go, Ruby, or equivalent); you identify security-relevant patterns without relying on tooling and write automation that others adopt. • Hands-on experience securing AI-integrated applications (LLM systems, agentic workflows, model APIs) and demonstrated experience deploying AI and automation to scale security functions or extend team reach. You bring both skill sets. • Threat modeling, architecture review, and code review for complex SaaS features; you produce findings engineering teams can act on and carry enough technical credibility to influence design decisions, not just document them. • Independent, hands-on validation of complex, multi-step authenticated vulnerabilities; you confirm what scanners flag and find what they miss. • Operator, active researcher, or both; direct experience with triage, severity calibration, and researcher communication. • Working knowledge of SAST, SCA, secrets, and IaC scanning in modern pipelines, with experience engaging teams on findings and improving signal quality. • Working knowledge of AWS, GCP, or Azure sufficient to tie application-layer risk to the infrastructure it runs on; you understand where the application ends and the cloud begins. • Legally eligible to work in the U.S. on an ongoing basis • BS or MS in Computer Science, a related field, or equivalent industry experience.

🏖️ Benefits

• Employer subsidized medical/vision and dental coverage for full-time employees • 401k Match to help you save for your future (50% of your contribution up to the first 6% of your eligible pay) • Monthly stipend to support your work and productivity • Flexible Time Away Program, plus Sick Time Off • US employees are automatically covered under Smartsheet-sponsored life insurance, short-term, and long-term disability plans • US employees receive 12 paid holidays per year • Up to 24 weeks of Parental Leave • Personal paid Volunteer Day to support our community • Opportunities for professional growth and development including access to Udemy online courses • Company Funded Perks, including a counseling membership, local retail discounts, and your own personal Smartsheet account • Teleworking options from any registered location in the U.S. (role specific)

Apply Now

Similar Jobs

🕒 June 25

Kennametal

10,000+ employees

Senior Application Engineer providing technical support for Kennametal's machine tool industry. Leading key projects and maintaining customer relationships to enhance service delivery in manufacturing.

🕒 June 25

Hubbell Incorporated

10,000+ employees

⚡ Energy

Senior Technical Application Engineer collaborating with Sales Directors to develop utility solutions at Hubbell. Requires strong Smart Grid knowledge and engineering background for successful client engagement.

🕒 June 25

Kyndryl

10,000+ employees

🏢 Enterprise

🔒 Cybersecurity

☁️ SaaS

Software Engineer maintaining and extending a disaster recovery portal with Python and React. Collaborating on application development and deployment for high-impact technology solutions.

🕒 June 25

Kyndryl

10,000+ employees

🏢 Enterprise

🔒 Cybersecurity

☁️ SaaS

Software Engineer at Kyndryl maintaining and enhancing a constituent-facing disaster recovery portal. Working with Python/FastAPI backend and React/TypeScript frontend, ensuring high performance and security.

🕒 June 24

BetterHelp

1 - 10

👥 B2C

⚕️ Healthcare Insurance

🧘 Wellness

Senior Security Software Engineer at BetterHelp collaborating on application security and vulnerability management. Join a mission-driven team to expand access to mental health care through innovative solutions.