Senior Application Security Engineer job in Ann Arbor
Barracuda Networks, Inc.
Ann Arbor, United States of America
13 days ago
Role details
Contract type
Permanent contract Employment type
Full-time (> 32 hours) Working hours
Regular working hours Languages
English Experience level
SeniorJob location
Remote
Ann Arbor, United States of America
Tech stack
Java
JavaScript
Software System Penetration Testing
Code Review
Continuous Integration
Python
Ruby
Session Management
TypeScript
Software Vulnerability Management
Data Logging
Large Language Models
Software Security
Static Application Security Testing
Go
Programming Languages
Job description
As a Senior Application Security Engineer, you'll help shape the future of our AppSec program. You'll work effectively and efficiently in a small, high-impact team, bringing a sense of ownership and community. You'll have the opportunity to learn quickly, provide feedback on long-term improvements, and drive strategic security initiatives across our product portfolio.
Tech Stack:
- TypeScript/JavaScript, Python, Ruby, Java, Go
- CI/CD automation tools (SAST, SCA, Secrets Scanning, etc.)
- AI security controls and LLM risk management
What you'll be working on
- Embed security across the development lifecycle, moving from pen-test/documentation-heavy to guardrail-driven programs
- Facilitate lightweight, feature-level threat models and drive risk-based discussions
- Perform hands-on application penetration tests and security-focused source code reviews
- Drive risk rating and vulnerability management processes
- Partner with product, platform, and engineering leads to drive security initiatives
- Lead outcome-focused design review discussions and security trainings
- Provide framework-specific remediation guidance to developers
Requirements
- 5 - 8+ years in product-focused AppSec, with a track record of embedding security and reducing late-stage findings via automation and developer enablement
- Deep practical knowledge of core security concepts (authN/Z, session management, input/output handling, logging, data protection, access controls)
- Proficient in at least two programming languages (TypeScript/JavaScript, Python, Ruby, Java, Go, etc.)
- Hands-on experience with application penetration testing and code reviews
- Proficient in threat modeling and risk-based analysis
- Strong organizational, time-management, communication, and presentation skills
About the company
Come join our passionate team! Barracuda is a leading cybersecurity company providing complete protection against complex threats. Our platform protects email, data, applications, and networks with innovative solutions, and a managed XDR service, to strengthen cyber resilience. Hundreds of thousands of IT professionals and managed service providers worldwide trust us to protect and support them with solutions that are easy to buy, deploy, and use.