[Hiring] Senior Application Security Engineer REMOTE USA

Position: Senior Application Security Engineer

Date Posted: 29 January 2026

Industry: Technology / Cybersecurity / Software Development

Employment Type: Full Time

Experience: 5+ years in Application Security, Pentesting, or Security Engineering

Qualification: Estimated Bachelor’s Degree holder or equivalent experience in Computer Science, Information Security, or related field

Salary: $116,640—$160,000 USD (depending on location and experience)

Location: United States [REMOTE]

Company: Unqork

Description:
Unqork is looking for a highly skilled Senior Application Security Engineer to join our remote-first team and play a critical role in securing our Commercial and FedRAMP technology stack. Unqork enables enterprises to rapidly build AI-native applications with strong security, reduced technical debt, and innovative capabilities. Our clients include Goldman Sachs, Marsh, BlackRock, and the U.S. Department of Health and Human Services.

Key Responsibilities:

• Conduct in-depth manual penetration testing and security assessments of web applications to detect vulnerabilities beyond automated tools
• Triage and manage SAST (Static), DAST (Dynamic), and SCA (Software Composition Analysis) results, reducing false positives and prioritizing critical risks
• Perform security code reviews of Node.js applications, identifying logic flaws, injection vulnerabilities, and broken access controls
• Develop Python scripts to automate repetitive security tasks and integrate security checks into CI/CD pipelines
• Collaborate with development teams to track vulnerabilities from discovery to remediation and verification
• Stay up-to-date with OWASP Top 10, OWASP LLM Top 10, and industry frameworks to ensure defense strategies evolve with emerging threats

Requirements:

• 5+ years of experience in Application Security, Pentesting, or Security Engineering
• Deep knowledge of OWASP Top 10 web vulnerabilities (XSS, SQLi, SSRF, etc.) and experience testing AI/LLM applications
• Proficiency in Node.js code review and Python scripting
• Experience with Burp Suite Professional, OWASP ZAP, and commercial SAST/DAST/SCA platforms
• Strong communication skills to explain complex security concepts to technical and non-technical stakeholders

Compensation & Benefits:

• Remote-first work environment
• Tiered base salary: $129,600—$160,000 (Tier 1 locations), $116,640—$144,000 (Tier 2 locations)
• Target incentives and company equity (stock options)
• Unlimited PTO with encouragement to use it
• Student loan repayment assistance
• 100% employer-covered medical, dental, and vision for employees and dependents
• Flexible Spending Account (FSA)
• Monthly stipend for WFH setup, vacation, or professional development
• Employer-sponsored 401(k) with match
• Subsidized ClassPass membership
• Generous paid parental leave

Disclaimer: The job details above are structured for clarity and based on publicly available content from recruiters/Company pages. All rights remain with the original source; names may be withheld for confidentiality. We are not involved in the hiring process.