Staff Application Security Engineer
Job description
You will help to ensure the secure delivery of Epsilon's software applications by designing and implementing secure coding practices, conducting advanced security testing through application security platforms, and collaborating with development teams to ensure security is integrated throughout the development lifecycle. You will be a core member of the application security team as a contributor in the areas of secure software architecture and design, web application vulnerability and remediation, and a variety of tools used in secure development and testing. You will provide support, guiding and advising multiple development teams to develop secure applications and services in accordance with the established application security policies and standards. Finally, you will be responsible for recommending and guiding the implementation of modifications and enhancements to ensure the organization is evolving with the threat landscape. By continuously improving and expanding our security platforms and fostering strong collaborative relationships, you will create a more secure, efficient, and proactive development environment, ultimately ensuring the integrity and safety of Epsilon's software applications.
Responsibilities: What You'll Achieve
- Perform code analysis of applications, manually and through application security testing solutions, to identify vulnerabilities.
- Provide context and rationalization for identified vulnerabilities.
- Review and recommend remediation actions for identified vulnerabilities.
- Drive and support security architecture design reviews and threat modeling of our products.
- Improve the accessibility of security through automation, vulnerability exception processing, embedding secure practices within continuous integration pipelines, and other related activities.
- Build trust relationships with teams to effectively achieve security goals.
- Drive cross-disciplinary initiatives to improve the security of our engineering ecosystem and products.
- Contribute to relevant security standards, processes, and other formal documentation.
- Collaborate with teams to ensure understanding and compliance with relevant security policies, standards, and best practices.
- Assist in onboarding new teams and applications to security platforms.
Requirements
- BS / MS in Computer Science or similar degree
- Minimum of 10 years of experience in related fields
- Direct experience in software development
- Direct experience with one or more CI/CD platforms
- Direct experience with application testing (e.g., SAST, DAST, MAST, RAST, IAST)
- Direct experience in application vulnerability management processes
- Working knowledge of current software development methodologies
- Working knowledge of OWASP Top 10 and CWE 25
- Working knowledge of programming languages and scripting
- Working knowledge of software design lifecycle
- Working knowledge of web and app security stack (e.g., API security)
- Working knowledge of cloud security concepts and technologies
- Working knowledge of authentication and authorization flows in web applications
- Strong understanding of threat modeling
- Strong understanding of network security (e.g., WAF, micro-segmentation)
- Strong understanding of cryptography topics
Why you might stand out from other talent
- Strong collaboration
- Interpersonal, collaborative, written and verbal communication skills
- Excellent problem-solving and critical-thinking skills
- Ability to work independently and self-motivate
Benefits & conditions
Tuition reimbursement, Parental leave, 401(k), Health insurance, Paid time off, Vision insurance, Dental insurance, Paid sick time
Full-time
Hybrid work in 11030 Circle Point Rd, Westminster, CO 80020
As an Epsilon employee, you deserve perks and benefits that put you, your family and your finances first. Our benefits encompass a wide range of offerings, including but not limited to the following:
- Time to Recharge: Flexible time off (FTO), 15 paid holidays
- Time to Recover: Paid sick time
- Family Well-Being: Parental/new child leave, childcare & elder care assistance, adoption assistance
- Extra Perks: Comprehensive health coverage, 401(k), tuition assistance, commuter benefits, professional development, employee recognition, charitable donation matching, health coaching and counseling
Epsilon benefits are subject to eligibility requirements and other terms.
Compensation Range: USD $100,000.00 - USD $197,000.00/Annually. This is the pay range the Company believes it will pay for this position at the time of this posting. Consistent with applicable law, compensation will be determined based on the skills, qualifications, and experience of the applicant along with the requirements of the position, and the Company reserves the right to modify this pay range at any time. Temporary roles may be eligible to participate in our freelancer/temporary employee medical plan through a third-party benefits administration system once certain criteria have been met. Temporary roles may also qualify for participation in our 401(k) plan after eligibility criteria have been met. For regular roles, the Company will offer medical coverage, dental, vision, disability, 401k, and paid time off. The Company anticipates the application deadline for this job posting will be 7/10/2026.