Sr. Application Security Engineer

ABOUT US

Gen is a global company dedicated to powering Digital Freedom through its trusted consumer brands including Norton, Avast, LifeLock, MoneyLion and more. Our combined heritage is rooted in financial empowerment and cyber safety for the first digital generations, and today we deliver award-winning cybersecurity, online privacy, identity protection and financial wellness solutions to nearly 500 million users in more than 150 countries.

Together, we share a collective passion and vision to protect consumers and help them grow, manage and secure their digital and financial lives. We’re always looking for smart, fearless and high-impact talent who see AI as a teammate – leveraging it to move faster and deliver meaningful results.

When you’re part of Gen, you’ll have the flexibility, tools and support to do your best work and grow your career – from flexible working options and time off to competitive pay, benefits and well-being programs.

At Gen, we are scrappy and relentlessly customer driven. We create room for healthy debate, experimentation and continuous learning, and we seek out people with different experiences, identities and ideas to join our team. You’ll work with people who back each other, respect each other and understand that our differences are a competitive advantage.

If this sounds like you, we’d love you to be part of Gen.

ABOUT THE ROLE

As a Senior Application Security Engineer, you will help strengthen and scale secure development practices across Gen’s products and platforms. Working closely with engineering, platform and product teams, you’ll help embed security throughout the software development lifecycle while enabling teams to build and deliver software efficiently and securely.

This is a senior individual contributor role where success comes through technical expertise, collaboration and influence. You’ll combine hands-on application security work with ownership of key AppSec initiatives, helping teams identify and reduce risk, improve security tooling and drive measurable security improvements across the organization.

You’ll work across a diverse technology landscape, contributing to security reviews, vulnerability management, developer enablement and the evolution of our application security program. We’re looking for someone who enjoys solving complex security challenges, partnering with engineering teams and using AI to improve security and development workflows.

IN THIS ROLE, YOU WILL

• Partner with engineering, platform and product teams to integrate security into development workflows and release processes.
• Perform application security reviews, threat modeling and security assessments for new features, services and architectural changes.
• Provide guidance on secure coding practices, vulnerability remediation and application hardening.
• Evaluate, implement and optimize application security tooling, including SAST, DAST and Software Composition Analysis (SCA).
• Integrate security controls and testing into CI/CD pipelines and engineering workflows.
• Support vulnerability triage, prioritization and remediation efforts across teams.
• Contribute to incident investigations, root cause analysis and long-term security improvements.
• Develop security standards, documentation, playbooks and developer guidance.
• Define and track security metrics to improve visibility, coverage and risk reduction.
• Evaluate emerging security technologies and help drive adoption of tools that create value for engineering teams.
• Promote secure AI-assisted development practices and responsible use of AI technologies.
• Foster a strong security culture through collaboration, enablement and knowledge sharing.

ABOUT YOU

• Experience in Application Security, Product Security, Secure Software Development or a related field.
• Strong understanding of application vulnerabilities, secure coding principles and frameworks such as OWASP Top 10.
• Experience with application security testing technologies, including SAST, DAST, SCA and vulnerability management platforms.
• Ability to understand source code, infrastructure definitions, configuration files and CI/CD pipelines.
• Strong understanding of modern software development practices and developer workflows.
• Experience integrating security controls into development and delivery pipelines.
• Ability to assess security risks pragmatically and communicate effectively with both technical and non-technical stakeholders.
• Strong collaboration skills and experience working across engineering, product and security teams.
• Analytical mindset with a data-informed approach to prioritization and decision making.
• Experience evaluating security tools, technologies and vendor solutions.
• Familiarity with AI-assisted engineering workflows and secure adoption of AI technologies.
• Strong written and verbal English communication skills.

Experience in one or more of the following areas is a plus

• API Security
• Mobile Application Security (iOS and Android)
• Secrets Management and Credential Security
• Cloud-native platforms and modern application architectures
• Security enablement programs and developer education initiatives
• Scaling application security programs in large and complex engineering environments

WHAT’S NEXT

The interview process consists of four stages.

You’ll first meet Curtis, the Hiring Manager, to discuss your experience, the role and the team.

The next two interview rounds will be with members of the Application Security team and will focus on your technical experience, approach to security challenges and collaboration style.

The final interview will be with Curtis’ manager.