Secure Code Review Jobs (NOW HIRING)

Lead AI AppSec Engineer

Irvine, CA · On-site

$63 - $84.25/hr

Conduct secure code reviews and support vulnerability remediation * Integrate and operate security tooling such as SAST, DAST, and SCA within CI/CD pipelines * Help define guardrails, monitoring, and ...

... guidance on secure architecture and coding practices - Build automated, continuous security assessment capabilities that replace manual security reviews and scale across our business unit ...

Senior Security Engineer

San Francisco, CA · On-site

$134.90K - $185K/yr

Required: • Have 5+ years of hands-on application security engineering experience • Expertise in secure software development practices, including threat modeling, secure code review, and ...

This position is accountable for application-specific security controls, threat modeling, security architecture reviews, secure code practices, and security testing coordination. Responsible for ...

Code Review Software/Application Penetration Testing Architecture Security Analysis and Threat Modeling Secure Software Design, Architecture, and Engineering Software/Application Reverse Engineering ...

Application Security Engineer

$60.25 - $80.25/hr

... secure coding practices. * Collaborate with the Security, IT, and GRC teams to ensure alignment with SOC 2, HIPAA, and SOX controls. * Contribute to threat modeling, code review, and incident ...

... secure code review, or a dedicated AppSec engineering role * Strong proficiency identifying and exploiting OWASP Top 10 vulnerabilities; experience assessing modern web applications and API ...

Review and refine AI-generated code to ensure compliance with secure coding standards (e.g., OWASP Top 10, secure SDLC practices). * Implement automated guardrails to detect insecure outputs, prompt ...

Perform secure code reviews, validate false positive determinations, coach developers on effective remediation strategies, threat model our products and carry out essential parts of a secure SDLC.

As the leader in AI code review and verification, we solve a critical problem: ensuring that software generated by AI-assisted developers or autonomous agents is reliable, secure, and maintainable.

Security Engineer

Minneapolis, MN · On-site

$69.23 - $115.38/hr

This individual will help evaluate and implement modern AI security tooling, perform secure code reviews, validate dynamic application security testing results, and contribute to the development of ...

Responsibilities: • Cultivates security culture across product, technology, and business teams by embedding threat modeling, security architecture reviews, and secure code practices, ensuring ...

Lead secure design reviews, threat modeling, code review, and penetration testing for high-risk products such as crypto custody, trading systems, and payments * Build and ship code: design and build ...

Secure Code Review information

How much do secure code review jobs pay per hour?

As of May 31, 2026, the average hourly pay for secure code review in the United States is $66.40, according to ZipRecruiter salary data. Most workers in this role earn between $56.49 and $75.48 per hour, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as a Secure Code Reviewer, and why are they important?

To thrive as a Secure Code Reviewer, you need a solid understanding of secure coding practices, programming languages (such as Java, Python, or C++), and common software vulnerabilities, often supported by relevant security certifications like CISSP or CSSLP. Familiarity with automated code analysis tools, static application security testing (SAST) platforms, and bug tracking systems is typically required. Strong analytical thinking, attention to detail, and clear communication skills set outstanding reviewers apart. These abilities are crucial for identifying, explaining, and mitigating security risks in code, ensuring robust application security.

What are some common challenges faced by professionals performing secure code reviews, and how can they be addressed?

Secure code reviewers often encounter challenges such as keeping up with evolving security threats, identifying subtle vulnerabilities in complex codebases, and maintaining effective communication with development teams. To address these, reviewers should stay updated on the latest security trends, use automated tools to assist in identifying potential issues, and foster collaborative relationships with developers to ensure that findings are understood and remediated effectively. Regular training, participating in security communities, and integrating secure code review into the software development lifecycle can also help overcome these challenges.

What is secure code review?

Secure code review is the process of systematically examining application source code to identify and remediate security vulnerabilities before software is released. This review can be performed manually or with automated tools, focusing on areas where coding errors could lead to security risks such as injection attacks, data leaks, or authentication flaws. The goal is to ensure that the code adheres to secure coding standards and best practices, ultimately reducing the risk of exploitation by malicious actors.

What is the difference between Secure Code Review vs Static Application Security Testing (SAST)?

| Aspect | Secure Code Review | Static Application Security Testing (SAST) |
| --- | --- | --- |
| Credentials | Knowledge of secure coding, programming languages, security standards | Security testing tools, programming knowledge, security certifications |
| Work Environment | Manual review, developer collaboration, code analysis | Automated scanning, integration with CI/CD pipelines |
| Industry Usage | Development teams, security analysts, code audits | Security teams, QA, DevOps, automated security testing |

Secure Code Review involves manual or semi-automated analysis of source code to identify security flaws, emphasizing developer collaboration. SAST uses automated tools to scan code for vulnerabilities during development, enabling faster detection. Both roles aim to improve code security but differ in approach: one is manual and detailed, the other automated and scalable.

More about Secure Code Review jobs
What states have the most Secure Code Review jobs?

States with the most job openings for Secure Code Review jobs include:

Infographic showing various Secure Code Review job openings in the United States as of May 2026, with employment types broken down into 87% Full Time and 13% Contract. Highlights a 74% In-person, 13% Hybrid, and 13% Remote job distribution, with an average salary of $138,117 per year, or $66.4 per hour.

Lead AI AppSec Engineer

StartupTAP

Irvine, CA • On-site

$63 - $84.25/hr

Full-time

Posted 23 days ago


Job description

Role Overview 
Capital Group is building an internal AI platform to support enterprise AI solutions across the organization. This role will be one of the first dedicated application security engineers focused on embedding security into the platform and AI-enabled applications from the beginning.
 
This is a hands-on individual contributor role working closely with the AI platform and engineering teams to design and implement security controls, perform threat modeling, secure code and pipelines, and help build secure foundations for enterprise AI systems.
Responsibilities:
  • Embed application security controls into AI-enabled applications and internal platform services
  • Perform threat modeling and security design reviews for new systems and integrations
  • Conduct secure code reviews and support vulnerability remediation
  • Integrate and operate security tooling such as SAST, DAST, and SCA within CI/CD pipelines
  • Help define guardrails, monitoring, and risk protections for AI-enabled systems
  • Work directly with engineering teams to implement secure solutions
  • Contribute to security architecture, implementation planning, and technical problem solving
Qualifications:
  • 8+ years of experience in Application Security, Product Security, or Security Engineering
  • Strong hands-on experience with secure code reviews, threat modeling, and vulnerability remediation
  • Experience implementing and operating application security tooling in CI/CD environments
  • Experience securing modern applications, APIs, or enterprise platforms
  • Ability to work directly with engineers as a technical peer in a hands-on environment
  • Experience working in complex enterprise, SaaS, or technology environments
  • Coding or scripting experience such as Python
  • Experience working closely with platform or product engineering teams
  • Interest in AI, AI-enabled systems, or emerging security challenges
  • Visa sponsorship is not available for this posting. Applicants must be authorized to work for any employer in the U.S.
Why This Role:
  • Greenfield AI platform initiative
  • Opportunity to help define how AI-enabled systems are secured across a large enterprise environment
  • Hands-on role solving new security challenges in a rapidly evolving space
  • High visibility role working across security and engineering teams