Senior Application Security Engineer at Apollo.io focusing on application security in SaaS environments. Collaborating on secure software development and vulnerability management.
About the role
- Senior Cloud Application Security Engineer securing Trulioo’s AWS-hosted SaaS platform. Collaborating with teams to automate security in CI/CD pipelines and safeguard application integrity.
Responsibilities
- Collaborate with DevOps, Engineering, and other stakeholders to design, implement, and operate cloud and application security capabilities across CI/CD pipelines and production environments
- Lead and support application security reviews and threat modeling, including code review, static, and dynamic testing
- Own and improve vulnerability management processes across application and infrastructure layers, including CI/CD-integrated workflows
- Establish and maintain AWS security guardrails, ensuring services are properly configured with effective monitoring, visibility, and alerting
- Design and implement Kubernetes and container security controls, including configuration standards, access controls, and runtime considerations
- Drive automation of security workflows to reduce manual effort and improve response times
- Support Infrastructure as Code (IaC) security practices, including Terraform-based deployments
- Monitor systems for irregular behavior, improve detection capabilities, and assist in incident response and investigation
- Track and report on the effectiveness of security controls and continuously improve security posture
- Research and evaluate emerging technologies and security trends to improve platform security and operational efficiency
Requirements
- Strong experience in cloud security, preferably AWS, with hands-on implementation of security controls and guardrails
- Experience securing containerized environments and Kubernetes platforms (RBAC, network policies, workload security), including designing and implementing controls in production environments
- Strong experience implementing security controls within CI/CD pipelines and influencing developer workflows
- Experience with vulnerability management across application and infrastructure layers, including prioritization and remediation workflows
- Hands-on experience with AWS security services such as SecurityHub, GuardDuty, IAM, Config, Control Tower, CloudWatch, and related tooling
- Strong DevSecOps experience with a cloud provider, ideally AWS (bonus points for AWS certifications)
- Strong scripting and automation experience (Python, Terraform, or similar), with a focus on reducing manual operational work
- Experience with monitoring and logging platforms (e.g., Sumo Logic or equivalent)
- Knowledge of security frameworks and standards (e.g., OWASP Top 10, ISO 27001, SOC 2)
- Strong technical background in Linux and cloud-based systems
- Ability to operate independently and prioritize effectively in a dynamic environment
- Strong problem-solving and critical thinking skills, with a focus on practical, scalable solutions
- Excellent communication and collaboration skills across engineering and security teams
- 5+ years of experience in cloud, application, or platform security, with demonstrated depth in AWS and modern cloud-native environments
- Bachelor’s degree in computer science, engineering, or equivalent experience.
Benefits
- Comprehensive Benefits: We provide a robust benefits package for full-time, permanent employees, including health, dental, and vision coverage, retirement plans with company match, paid time off, parental leave, and an annual education & training stipend (equivalent to $1,000 in local currency).
- Flexible Hybrid Working Environment: Our offices are designed to support both collaboration and flexibility. Enjoy weekly lunches, quality coffee, and regular social events. Many locations also feature parent rooms, on-site gyms, comfortable lounges, and adaptable workstations to support your comfort and productivity.
- Wellness: We care about your well-being. Team members have access to wellness workshops and events, as well as a complimentary Headspace subscription to help you stay focused, grounded, and energized.
- Employee Resource Groups: Belonging is an important part of doing your best work. Our ERGs provide an inclusive space, support and community for employees of diverse backgrounds and allies.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Staff ERP Application Engineer overseeing NetSuite ecosystem design and development for a global micromobility leader. Focused on financial operations and intercompany integrations in a collaborative remote environment.
Staff ERP Application Engineer for Oracle Fusion Cloud at Lime. Leading architecture, design, and implementation of Oracle Fusion systems focusing on Order Management and Revenue platforms.
LP
FTE Application Analyst
LinkedIn Recruiter Post
FTE Application Analyst in DT Vancouver: configure enterprise apps, gather requirements, strong SQL required. 3 days onsite.
Cloud Application Security Engineer securing SaaS applications and infrastructure hosted in AWS. Collaborating with DevOps and Engineering for scalable security solutions within a hybrid work environment.
Lead Application Engineer defining technical requirements for IEC 61850 solutions at GE Vernova. Collaborating with cross - functional teams in a remote work environment.
Application Engineer specializing in bearing design and manufacturing support for Schaeffler Aerospace. Collaborating with R&D and various functional teams to ensure product quality and performance.
Lead Application Engineer defining technical requirements for IEC 61850 architectures in Green Energy transition. Collaborating with teams to resolve issues and develop controller solutions.
LP
Mainframe Application Developer
LinkedIn Recruiter Post
Mainframe Application Developer needed to design, develop, and maintain mainframe applications using COBOL, CICS, and DB2 for a top financial client.
LP
Jr. Software Developer/ Application Support Analyst
LinkedIn Recruiter Post
Hiring Jr. Software Developer/Application Support Analyst for 1 - year hybrid contract in Toronto. Requires 2+ years experience, API knowledge, and troubleshooting skills.