The Senior Application Security Engineer is a senior individual contributor responsible for driving application security outcomes across Hippo’s engineering organization. This role serves as a trusted subject matter expert in application security, providing deep technical guidance and influencing secure design decisions across multiple teams, products, and services.
Requirements
- 6+ years of experience in application security or product security roles.
- Demonstrated impact improving application security outcomes across multiple teams, systems, or business domains.
- Deep experience securing web applications, APIs, distributed systems, WAFs, and customer identity platforms.
- Strong understanding of authentication and identity protocols (OAuth2, OIDC, SAML, JWT, MFA).
- Proven ability to review system designs, data flows, and identify architectural security risks.
- Solid understanding of cloud-native application architectures and CI/CD pipelines from an application risk perspective.
- Experience designing or maintaining automated security tooling and pipelines (SAST, DAST, SCA, secrets detection).
- Proficiency in one or more modern programming languages.
Benefits
- Multiple medical plans to choose from and 100% employer covered dental & vision plans for our team members and their families.
- 401(k)-retirement plan, short & long-term disability, employer-paid life insurance, Flexible Spending Accounts (FSA) for health and dependent care, and an Employee Assistance Program (EAP)
- Equity compensation
- Training and internal career growth opportunities
- Flexible Time Off
- 12 weeks of parental leave for primary and secondary caregivers
- Snacks and drinks available and catered lunches for onsite employees
