← all jobs

[Remote] Senior Application Security Engineer

Work from home Full-time role Hiring

Note: The job is a remote job and is open to candidates in USA. Hampton North is a company focused on securing a B2B2C SaaS platform through innovative application security measures. The Senior Application Security Engineer will lead efforts in securing AI-integrated applications, hardening CI/CD pipelines, and ensuring responsible AI adoption while utilizing AI-powered tools to enhance security throughout the software development lifecycle.

Responsibilities

  • Use AI-powered security and development tools every day (Claude Code, Claude Security, or comparable assistants) to accelerate vulnerability discovery, code review, threat modeling, and remediation across the SDLC
  • Design and operate agentic security automation that orchestrates multi-step checks across the CI/CD pipeline, including AI-assisted auto-fix workflows and AI-native security gates
  • Lead security architecture reviews and embed secure-by-design principles from initial design through deployment and ongoing operation
  • Assess and mitigate AI-specific attack surfaces in LLM-integrated features, including direct and indirect prompt injection, context leakage, insecure tool use, and model denial-of-service
  • Continuously refine threat modeling across application components, third-party integrations, cloud-native architecture, and AI/LLM-powered features
  • Develop, enforce, and evolve secure coding standards through SAST, DAST, and SCA scanning, AI-assisted code review, periodic manual audits, and targeted developer training
  • Own and evolve Application Security Posture Management, integrating static, dynamic, SCA, and runtime signals into risk-scoring that weighs exploitability, data sensitivity, and business impact
  • Manage vulnerability triage and prioritization against exploitability, business impact, and compliance, aligning remediation timelines to risk tolerance
  • Run the bug bounty program end to end: scope, triage and validate researcher submissions, assess severity, and engage the research community
  • Mentor engineers and developers on secure coding, remediation, and effective use of AI-augmented security workflows
  • Present findings, risk assessments, and program metrics to senior leadership, clients, auditors, and regulators

Skills

  • Seven or more years in application security, software security engineering, or a closely related domain within production SaaS environments
  • Regular hands-on use of AI-powered security and development tools (Claude Code, Claude Security, or comparable coding and security assistants) as part of your daily workflow, beyond evaluation or advisory use
  • Experience building or operating agentic AI security workflows: multi-step autonomous automation, parallel subagent reviews, agent-to-agent handoffs, policy-driven automation
  • Experience assessing AI-specific attack surfaces in LLM-integrated applications: prompt injection (direct and indirect), context leakage, insecure tool use, model denial-of-service
  • Deep AWS security and Kubernetes security expertise, with cloud-native application security best practices
  • Hands-on DevSecOps pipeline design and security testing across SAST, DAST, SCA, and penetration testing
  • Ability to review and assess security risk in one or more of Java, C#, JavaScript/TypeScript, Python, Swift, Kotlin
  • Secure authentication and authorization depth: OAuth 2.0, OIDC, SAML, JWT, WebAuthn, Zero Trust
  • Security automation and scripting in Python and Bash
  • Working command of OWASP Top 10, OWASP Top 10 for LLM Applications, SANS 25, CVSS, EPSS, and MITRE ATT&CK
  • Secure context window management in AI products: context isolation boundaries, prevention of sensitive data leakage, data classification for model inputs
  • Encryption standards, cryptographic best practice, and secrets management
  • Ability to present risk clearly to technical and non-technical audiences, including senior leadership and external stakeholders
  • Comfort working independently in a remote setting with high accountability
  • CSSLP, OSCP, GWEB, or GWAPT
  • Bachelor's in Computer Science, Cybersecurity, Information Assurance, Software Engineering, or a related field, or an equivalent combination of education and experience
  • Experience evaluating AI provider security posture: API security reviews, data residency assessments, vendor risk questionnaires, contractual security requirements
  • AI model access controls and secrets hygiene in AI pipelines: least-privilege for LLM tool integrations, securing model inference endpoints
  • SIEM, WAF, and security monitoring tools
  • AWS controls depth: IAM, security groups, KMS, Lambda security, cloud monitoring

Benefits

  • Bonus(some flex DOE)
  • Fully remote, US based
  • Minimal travel, roughly two team gatherings per year

Company Overview

  • Hampton North is a Cyber Security specialist staffing firm. It was founded in 2022, and is headquartered in West Hartford , Connecticut, US, with a workforce of 2-10 employees. Its website is https://www.hamptonnorth.com.
  • More open positions

    [Remote] Bilingual Customer Service Representative – Parent Liaison (Remote)

    Work from home Full-time role

    [Remote] Opto-Mechanical Designer - REMOTE

    Work from home Full-time role

    [Remote] Cloud Engineer – Amazon Connect

    Work from home Full-time role

    [Remote] Associate Director, Account Based Marketing

    Work from home Full-time role

    [Remote] Cloud IT Consultant

    Work from home Full-time role

    Remote Data Entry Specialist – $30/hr – Flexible Work‑From‑Home Opportunity with careerzynith

    Work from home Full-time role

    iOS Developer - San Bruno, CA – (Remote)

    Work from home Full-time role

    Help Desk Support - Part Time Weekend Shift - Remote Job at Wunderlich-Malec Engineering, Inc in Hopkins

    Work from home Full-time role

    Software Engineer (Full stack/Backend Engineer for Full-time/Intern/Potential Founder)

    Work from home Full-time role

    Experienced Email Live Chat Support Specialist – Remote Work Opportunity with careerzynith

    Work from home Full-time role

    Risk Manager (Crypto Fund / DeFi & Quant Strategies)

    Work from home Full-time role

    Docketly Coverage Operations Specialist-Remote

    Work from home Full-time role

    Senior Data Center Connectivity Engineer

    Work from home Full-time role

    Radiologist - Remote |Only evenings, nights and weekend

    Work from home Full-time role

    DevOps / Site Reliability Engineer ID70127

    Work from home Full-time role

    Experienced Part-Time Remote Chat Support Associate – Flexible Work Schedule at careerzynith

    Work from home Full-time role

    Associate Attorney, Peoria

    Work from home Full-time role

    Third Party Risk Analyst | INTL - LATAM

    Work from home Full-time role

    Outpatient Therapist job at Clarvida in Stroudsburg, PA, Milford, PA

    Work from home Full-time role

    RN CLINICAL DOCUMENT CASE MANAGER - CDI SPECIALIST (CLINICAL DOCUMENTATION INTEGRITY)

    Work from home Full-time role

    Quereinsteiger im Vertrieb im Homeoffice (w/m/d)

    Work from home Full-time role