Application Security Engineer

Role Overview

As an Application Security Engineer at Oneleet, you'll bring security depth to our product engineering teams as we expand our cybersecurity platform. You'll own the security judgment layer that sits between raw tooling output and what our customers actually see — deciding what to surface, what to suppress, and how to make findings genuinely useful rather than noisy.

What You Will Do

Own the integration, configuration, and output quality of security tooling that powers our platform, tune outputs to maximize signal and minimize noise, design rules, severity scoring, and triage flows that make findings actionable rather than overwhelming, and build the security judgment layer on top of underlying tooling.

Why It Might Be a Fit

You'll be the security voice in product and engineering decisions, and you'll be empowered to push back when security judgment requires it. You'll work directly with customers — security teams using the platform day-to-day — to understand what they actually need, and iterate quickly based on their feedback.

Requirements

• 5+ years of application security experience
• Strong programming skills in at least one of Go, Python, or TypeScript
• Hands-on experience tuning security tooling for production use
• Understanding of vulnerability research, CVE/CWE taxonomies, and exploit reasoning
• Excellent communication skills and comfort working directly with customers
• Pragmatic; knows how to build things fast without unnecessarily complicating things
• Experience in (and thrives in) a fast-moving, start-up engineering environment

Benefits

• Comprehensive health & wellness benefits
• 20 days PTO per year, plus 8 floating holiday
• Remote work culture
• Team off-sites in stunning places
• Competitive compensation & equity