Senior Application Security Engineer [Remote-US]

To help keep everyone safe, we encourage all applicants to pay close attention to protect themselves during their job search. When applying for a position online you are at risk of being targeted by malicious actors looking for personal data. Please be aware we will only reach out via email using the domain quanata.com. Anything that does not match those domains should be ignored and considered a security risk.About UsQuanata is on a mission to help ensure a better world through context-based insurance solutions. We are an exceptional, customer centered team with a passion for creating innovative technologies, digital products, and brands. We blend some of the best Silicon Valley talent and cutting-edge thinking with the long-term backing of leading insurer, State Farm. Learn more about us and our work at quanata.comOur TeamFrom data scientists and actuaries to engineers, designers and marketers, we're a world class team of tech-minded professionals from some of the best companies in Silicon Valley, and around the world. We've come together to create the context-based insurance solutions and experiences of the future. We know that the key to our success isn't just about nailing the technology—it's hiring the talented people who will help us continue to make a quantifiable impact.The roleAs a Senior Application Security Engineer, you will serve as the primary partner for web and backend engineering teams, helping embed security best practices throughout the software development lifecycle. You will support secure design, conduct threat modeling, review backend and frontend code, and lead integration of security tools into developer workflows. Your role bridges frontend and API security, and you'll be responsible for helping developers resolve complex security challenges across product surfaces.Your day-to-dayPartner with one product portfolio to facilitate overall product security management, emphasis on AI/ML-specific security concerns and cross-functional work with data science teamsPerform security design reviews and threat modeling on APIs, web features, and service integrations, including integrating SAST, SCA, and DAST tools into CI/CD pipelinesSupport secure development practices across security champions and engineeringReview source code and deployment configurations for security vulnerabilitiesCollaborate with developers to triage, fix, and validate vulnerability findingsParticipate in cross-functional incident response and remediation planningDraft and maintain AppSec guidance for engineering teams and security championsContribute to security awareness and enablement across the engineering orgDevelop AppSec related integrations and deployments of automation solutions (ASVS scanning, burpsuite enterprise)Support application security integration reviews, saas security assessments, oss reviewsAbout youBachelor's degree or equivalent relevant experience and;6 - 8 years of experience in application security or full-stack development with security expertiseStrong understanding of secure coding in JavaScript/TypeScript, Node.js, and web standardsFamiliar with application risk and vulnerabilities (OWASP Top 10, API Security, SSRF, etc.)Experience with code scanning tools (e.g., CodeQL, Semgrep, SonarQube, Snyk)Comfortable reading and debugging complex codebases across the stackClear and thoughtful communicator with the ability to guide engineers at all levelsBonus pointsExperience with GraphQL securityParticipation in security champions programs or secure SDLC rolloutsContributions to open-source security toolingFamiliarity with infrastructure-as-code and container securitySalary: $220,000 to $350,000**Please note that the final salary offered will be determined based on the selected candidate's skills, and experience, as well as the internal salary structure at Quanata. Our aim is to offer a competitive and equitable compensation package that reflects the candidate's expertise and contributions to our organization.Additional Details: Benefits: We provide a wide variety of health, wellness and other benefits.These include medical, dental, vision, life insurance and supplemental income plans for you and your dependents, a Headspace app subscription, monthly wellness allowance and a 401(k) Plan with a company match.Work from Home Equipment: Given our virtual environment— in order to set you up for success at home, a one-time payment of $2K will be provided to cover the purchase of in-home office equipment and furniture at your discretion. Also, our teams work with MacBook Pros, which we will deliver to you fully provisioned prior to your first day.Paid Time Off: All employees accrue four weeks of PTO in their first year of employment. New parents receive twelve weeks of fully paid parental leave which may be taken within one year after the birth and/or adoption of a child. The twelve weeks is applicable to both birthing and non-birthing parent.Personal and Professional Development: We're committed to investing in and helping our people grow personally and professionally. All employees receive up to $5000 each year for professional learning, continuing education and career development. All team members also receive LinkedIn Learning subscriptions and access to multiple different coaching opportunities through BetterUp.Location: We are a remote-first company for most positions so you may work from anywhere you like in the U.S, excluding U.S. territories. For most positions, occasional travel may be requested or encouraged but is not required. Some positions might require travel per the job description provided to the employee. Employees based in the San Francisco Bay Area or in Providence, Rhode Island may commute to one of our local offices as desired. Hours: We maintain core meeting hours from 9AM - 2PM Pacific time for collaborating with team members across all time zones. Quanata, LLC is an equal opportunity workplace. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.If you are a San Francisco resident, please read the City and County of San Francisco's Fair Chance Ordinance notice. https://www.sf.gov/sites/https://www.sf.gov/sites/default/files/2022-12/FCO poster2020_0.pdfThis role is employed by Quanata, LLC which is a separate company in the State Farm family of companies.If you require a reasonable accommodation, please reach out to your Talent Acquisition Partner for assistance.

Salary : $220,000 - $350,000