ZipRecruiter

Log In

1

Application Security Engineer Jobs in California

Opal

Application Security Engineer

San Francisco, CA ยท On-site

$69.25 - $92.50/hr

We're hiring an Application Security Engineer to own security across Opal's product and platform - and yes, own means what it sounds like. You'd be our dedicated security engineer, embedded directly ...

xAI

Application Security Engineer

Palo Alto, CA ยท On-site

$200K - $340K/yr

We are seeking a skilled and innovative Application Security Engineer to join our technology-driven company. In this role, you will be responsible for ensuring the security and integrity of our cloud ...

xAI

Application Security Engineer

Palo Alto, CA

$200K - $340K/yr

We are seeking a skilled and innovative Application Security Engineer to join our technology-driven company. In this role, you will be responsible for ensuring the security and integrity of our cloud ...

xAI

Application Security Engineer

Palo Alto, CA ยท On-site

$69.25 - $92.50/hr

The Application Security Engineer will ensure the security and integrity of cloud-native applications and systems throughout the software development lifecycle, with a focus on code security and CI ...

xAI

Application Security Engineer

Palo Alto, CA ยท On-site

$69.25 - $92.50/hr

They are seeking an Application Security Engineer to ensure the security and integrity of their cloud-native applications throughout the software development lifecycle, with a focus on code security ...

xAI

Application Security Engineer

Palo Alto, CA ยท On-site

$200K - $340K/yr

We are seeking a skilled and innovative Application Security Engineer to join our technology-driven company. In this role, you will be responsible for ensuring the security and integrity of our cloud ...

xAI

Application Security Engineer

Palo Alto, CA ยท On-site

$69.25 - $92.50/hr

They are seeking an innovative Application Security Engineer responsible for ensuring the security and integrity of cloud-native applications throughout the software development lifecycle, with a ...

Heartflow

Application Security Engineer

San Francisco, CA ยท Hybrid

$145K - $180K/yr

We are looking for an Application Security Engineer to work with our engineering team to ensure security is an integral part of our Software Development Lifecycle (SDLC). In this role, you'll have ...

Esri

Sr. Application Security Engineer

Redlands, CA ยท On-site

$59 - $79/hr

As an Application Security Engineer at Esri, you will fill a critical role in helping secure Esri's intellectual property and sensitive data against a variety of complex threats with support from all ...

Esri

Sr. Application Security Engineer

Redlands, CA ยท On-site

$59 - $79/hr

They are seeking a Sr. Application Security Engineer to enhance the security of their applications, collaborating with various teams to design security measures, perform testing, and provide guidance ...

Esri

Sr. Application Security Engineer

Redlands, CA ยท On-site

$59 - $79/hr

Esri is a leader in GIS technology, and they are seeking a Sr. Application Security Engineer to enhance their application security measures. The role involves designing security testing capabilities ...

Esri

Sr. Application Security Engineer

Redlands, CA ยท On-site

$59 - $79/hr

Esri is a leader in GIS technology, and they are seeking a Sr. Application Security Engineer to enhance their application security measures. The role involves designing security testing capabilities ...

Heartflow

Application Security Engineer

San Francisco, CA ยท On-site

$145K - $180K/yr

We are looking for an Application Security Engineer to work with our engineering team to ensure security is an integral part of our Software Development Lifecycle (SDLC). In this role, you'll have ...

next page

Showing results 1-20

All JobsApplication Security Engineer JobsApplication Security Engineer Jobs in California

Application Security Engineer information

See California salary details

$29

$65

$95

How much do application security engineer jobs pay per hour?

As of Jun 15, 2026, the average hourly pay for application security engineer in California is $65.53, according to ZipRecruiter salary data. Most workers in this role earn between $55.77 and $74.47 per hour, depending on experience, location, and employer.

What Does an Application Security Engineer Do?

An application security engineer is responsible for ensuring the secure function of software application programs. For this career, you must have advanced training in cybersecurity and familiarity with multiple computer programming languages. Your main job duty is to evaluate lines of programming code to make sure a given application is safe from cyber-attack. You perform penetration testing to see if outside sources can "hack" into the application. You also do threat modeling and security code reviews of programming done by other application programmers.

What are some common challenges faced by Application Security Engineers when integrating security into the software development lifecycle?

Application Security Engineers often encounter challenges such as balancing security requirements with development speed, ensuring all team members understand secure coding practices, and keeping up with evolving threats. They frequently work closely with developers, DevOps, and QA teams to embed security controls without disrupting workflows. Overcoming these challenges requires strong communication skills, a deep understanding of both security and software development, and the ability to advocate for security as a shared responsibility across the organization.

What does an Application Security Engineer do?

An Application Security Engineer is responsible for identifying and mitigating security vulnerabilities in software applications throughout their development lifecycle. They work closely with developers to ensure secure coding practices, conduct security assessments and code reviews, and implement tools for threat detection and prevention. Their primary goal is to protect applications from threats such as data breaches, unauthorized access, and other forms of cyber attacks. They also stay updated on the latest security trends and compliance requirements to keep applications safe.

What are the key skills and qualifications needed to thrive as an Application Security Engineer, and why are they important?

To thrive as an Application Security Engineer, you need a solid background in software development, cybersecurity fundamentals, and vulnerability assessment, often supported by a degree in computer science or a related field. Familiarity with tools such as static and dynamic application security testing (SAST/DAST), penetration testing frameworks, and relevant certifications like CISSP or CEH is common. Attention to detail, problem-solving abilities, and strong communication skills help you effectively identify risks and collaborate with development teams. These skills are crucial for safeguarding applications against evolving threats and ensuring secure software delivery.

What is the difference between Application Security Engineer vs Security Analyst?

AspectApplication Security EngineerSecurity Analyst
CertificationsCEH, CISSP, OSCPCISSP, Security+
Work EnvironmentDevelops security measures, reviews code, tests applicationsMonitors security systems, investigates incidents, analyzes threats
Industry UsageTech companies, software firms, organizations with strong app focusBroad sectors including finance, healthcare, government

Application Security Engineers focus on securing software applications through code review, vulnerability testing, and implementing security measures. Security Analysts monitor and analyze security threats, respond to incidents, and maintain security systems. While both roles require security certifications and work in security-focused environments, Application Security Engineers are more involved in the development and testing of secure applications, whereas Security Analysts focus on threat detection and incident response.

More about Application Security Engineer jobs
What are the most commonly searched types of Application Security Engineer jobs in California? The most popular types of Application Security Engineer jobs in California are:
What are popular job titles related to Application Security Engineer jobs in California? For Application Security Engineer jobs in California, the most frequently searched job titles are:
What job categories do people searching Application Security Engineer jobs in California look for? The top searched job categories for Application Security Engineer jobs in California are:
What cities in California are hiring for Application Security Engineer jobs? Cities in California with the most Application Security Engineer job openings:
What are popular job titles related to Application Security Engineer jobs in CA? For Application Security Engineer jobs in CA, the most frequently searched job titles are:
Application Security Engineer jobs near you
Infographic showing various Application Security Engineer job openings in California as of June 2026, with employment types broken down into 100% Full Time. Highlights an 100% Remote job distribution, with an average salary of $136,308 per year, or $65.5 per hour.

Application Security Engineer

Bright Vision Technologies

San Ramon, CA โ€ข Remote

$100K - $150K/yr

Full-time

Posted 8 days ago

Job description

Bright Vision Technologies is a forward-thinking software development company dedicated to building innovative solutions that help businesses automate and optimize their operations. We leverage cutting-edge technologies to create scalable, secure, and user-friendly applications.
As we continue to grow, weโ€™re looking for a skilled Application Security Engineer to join our dynamic team and contribute to our mission of transforming business processes through technology.
This is a fantastic opportunity to join an established and well-respected organization offering tremendous career growth potential.
Job Title: Application Security Engineer
Location: 100% Remote (Continental United States)
Position Type: In-house Bright Vision Technologies SOW engagement (no third-party client or vendor)
Salary: $100K - $150K
Experience: 5+ years
Sponsorship: No new H1B sponsorship available. H1B transfers welcomed for qualified candidates.
Employment Type: Full-time, direct W2 with Bright Vision Technologies (no C2C, no 1099, no third-party)
Engagement: Long-term, multi-year, aligned to the Bright Vision SOW delivery roadmap
Compensation: Competitive base salary commensurate with experience, plus benefits.
Employment Terms & Visa Policy
This is a 100% remote, full-time, direct W2 position with Bright Vision Technologies.
This role is part of Bright Vision Technologiesโ€™ in-house Statement of Work (SOW) engagement. The client, end customer, and employer for this position is Bright Vision Technologies โ€” there is no third-party client, vendor, or implementation partner involved.
We do not engage in C2C, 1099, or third-party arrangements for this role.
BUT STRICTLY NO C2C/1099/3RD PARTY COMPANIES. ALL OUR ROLES ARE W2 AND NO 3RD PARTY BROKERING PLEASE.
Candidates must be willing to work directly as a full-time W2 employee of Bright Vision Technologies and contribute to our in-house SOW deliverables.
No new H1B sponsorship is available for this role.
However, candidates who are currently on a valid H1B visa and require a transfer are welcome to apply. We will support H1B transfers for qualified candidates.
For every role, a technical coding assessment is mandatory. Please apply only if you are confident in your technical abilities and hands-on experience.
Job Summary
We are looking for an Application Security Engineer to embed security throughout the software development lifecycle, partnering with engineering teams to design secure systems, identify vulnerabilities, and reduce risk across our application portfolio. The role blends hands-on offensive and defensive skills with strong communication and collaboration, helping development teams build secure software efficiently rather than slowing them down. The ideal candidate brings deep technical security expertise, strong software engineering fundamentals, and a track record of shipping security improvements that meaningfully reduce risk in production.
Key Responsibilities
  • Conduct threat modeling and security architecture reviews for new and existing applications and services.
  • Perform manual code reviews, secure design consultations, and pair with engineering teams on hardening critical components.
  • Operate and tune SAST, DAST, IAST, SCA, and secret-scanning tools across CI/CD pipelines.
  • Drive vulnerability management workflows including triage, prioritization, owner assignment, and SLA tracking.
  • Build paved-road libraries and frameworks that make secure patterns the default for engineering teams.
  • Lead red-team and purple-team exercises against internal applications and drive remediation of identified weaknesses.
  • Implement and operate runtime protections including WAF, RASP, bot protection, and abuse-detection mechanisms.
  • Design and enforce secure authentication, authorization, session management, and cryptographic patterns.
  • Partner with infrastructure and platform teams to harden container, Kubernetes, and cloud environments.
  • Develop and deliver application security training, lunch-and-learns, and onboarding content for engineering staff.
  • Respond to security incidents involving application vulnerabilities or active exploitation.
  • Track and apply emerging threats and CVEs that may affect the application portfolio.
  • Maintain comprehensive, current technical documentation โ€” including architecture diagrams, design decisions, configuration references, runbooks, and operational procedures โ€” so that the system remains supportable, auditable, and easy to onboard new engineers onto over time.
  • Stay current with application security research and emerging defensive tooling.
Required Qualifications
  • Bachelorโ€™s degree in Computer Science, Cybersecurity, or a related field.
  • Five or more years of application security or security engineering experience.
  • Strong understanding of OWASP Top 10, common vulnerability classes, and modern exploit patterns.
  • Hands-on experience performing code review across at least two major languages.
  • Deep familiarity with SAST, DAST, SCA, and CI/CD-integrated security tooling.
  • Strong understanding of authentication, authorization, and cryptographic primitives.
  • Experience with cloud security and modern infrastructure controls.
  • Strong communication skills with technical and non-technical audiences.
  • Proficiency in at least one programming language for tooling and automation.
  • Experience working closely with engineering teams in an Agile environment.
Preferred Qualifications
  • Industry certifications such as OSCP, OSCE, GWAPT, or CISSP.
  • Experience with offensive security tooling and red-team operations.
  • Bug bounty experience, public CVEs, or open-source security contributions.
  • Familiarity with AI/LLM application security considerations.
  • Exposure to regulated industries with strict compliance requirements.
How to Apply
Would you like to know more about this opportunity?
For immediate consideration, please send your resume to hilda@bvteck.com
Learn more about Bright Vision Technologies at www.bvteck.com.
We recognize that our people are our strength, and the diverse talents they bring to our global workforce are directly linked to our success. We are an equal opportunity employer and place a high value on diversity and inclusion at our company.
We do not discriminate on the basis of any protected attribute, including race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, marital or veteran status, pregnancy or disability, or any other basis protected under applicable law. We also make reasonable accommodations for applicantsโ€™ and employeesโ€™ religious practices and beliefs, as well as mental health or physical disability needs.
Bright Vision Technologies is an Equal Opportunity Employer, including Disability/Veterans.
Position offered by โ€œNo Fee Agency.โ€

Equal Employment Opportunity (EEO) Statement

Bright Vision Technologies (BV Teck) is committed to equal employment opportunity (EEO) for all employees and applicants without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, veteran status, or any other protected status as defined by applicable federal, state, or local laws. This commitment extends to all aspects of employment, including recruitment, hiring, training, compensation, promotion, transfer, leaves of absence, termination, layoffs, and recall.

BV Teck expressly prohibits any form of workplace harassment or discrimination. Any improper interference with employees\' ability to perform their job duties may result in disciplinary action up to and including termination of employment.

Apply