Senior Application Security Engineer
Description For Senior Application Security Engineer
CloudZero is seeking their first Senior Application Security Engineer to shape the security framework of their market-leading cloud cost intelligence platform. This pivotal role involves addressing critical challenges that cloud-driven businesses face today. The position offers a unique opportunity to make a foundational impact on the security of an innovative, fast-growing company.
The ideal candidate will establish and champion best-in-class security practices, ensuring platform resilience and customer data protection. Working closely with engineering teams, they will design and implement secure development processes, identify and address vulnerabilities, and foster a security-first mindset throughout the product lifecycle.
CloudZero, founded in 2016, has raised over $52 million from leading venture capital firms and is focused on making efficient innovation a reality for cloud-driven organizations. The platform ingests billing and usage data from all cloud, SaaS, and PaaS providers, organizing it in real-time according to customers' business structures.
The role requires a strong background in application security, with expertise in Python and cloud platforms (AWS/GCP/Azure). Key responsibilities include developing security programs, conducting assessments, implementing automation, and participating in incident response. The position offers the opportunity to work with cutting-edge technology while solving complex problems in the growing field of cloud cost management.
As part of the Office of CTO, you'll have the chance to influence security strategies directly and work with various teams to embed security into all aspects of the development process. This role is perfect for someone who combines technical expertise with strong communication skills and a passion for enabling developers to adopt secure practices without friction.
Responsibilities For Senior Application Security Engineer
- Build and lead application security program
- Champion and drive Security Champions Program
- Integrate security into development lifecycle
- Partner with Engineering and Security teams
- Conduct security assessments, code reviews, and threat modeling
- Manage application security tooling (SAST/DAST)
- Implement security automation
- Participate in incident response team on-call rotation
Requirements For Senior Application Security Engineer
- 3-5+ years of Python experience
- 3-5+ years of AWS, GCP, and Azure experience
- Strong foundation in application security
- Expertise with Burp Suite
- Strong understanding of OWASP Top 10
- Experience in penetration testing
- Familiarity with SCA tools
- Experience securing AWS environments
- Knowledge of secure coding practices
- Experience with threat modeling frameworks
- Exceptional communication skills
- Ability to participate in on-call rotation
Benefits For Senior Application Security Engineer
- Note: No visa sponsorship available - must be authorized to work in the US
Jobs Related To CloudZero Senior Application Security Engineer
