Senior Security Engineer

Description Our Oakland client is seeking a hands-on Senior Application Security Engineer to bridge application security and development teams. This is an opportunity to drive foundational application security work, working directly with developers to ensure secure software delivery across the organization. This is a contract role to start, and is 100% remote. Key Responsibilities: Bug Bounty / Ethical Hacker Program Management (Bugcrowd): + Own daily management of our Bugcrowd program + Review and triage incoming vulnerability findings + Work with ethical hackers and engineers on issue resolution + Explain vulnerabilities and provide clear remediation guidanceu2014understand not just whatu2019s wrong, but how to fix it Secure Software Development Lifecycle (Secure SDLC): + Help design and mature our secure SDLC program (security is early in the journey here) + Partner with developers to integrate security testing early in the process + Perform and coordinate hands-on security testing prior to production releases + Identify and remediate vulnerabilities before deployment Code Scanning & Tooling (Snyk): + Manage and interpret findings from Snyk across code repositories + Review, validate, and prioritize vulnerabilities, supporting developers to distinguish real issues from false positives + Provide actionable, clear guidance for remediations Social Account Security Oversight: + Oversee security for company social media and brand accounts + Enforce MFA, SSO, and leverage Survey as a tool for access management Requirements u00b7 Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience). u00b7 5+ years in application security, secure software development, and penetration testing. u00b7 Strong understanding of web technologies (HTML, JavaScript, Python, REST APIs, etc.). u00b7 Experience with security tools for code security, bug bounty programs, and the ability to integrate them into CI/DC pipelines for automated security testing. u00b7 Familiarity with OWASP Top 10, SANS Top 25, CWE, CVE, and secure coding practices. u00b7 Knowledge of cloud environments (AWS, Azure, GCP) and their security features. u00b7 Strong communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical stakeholders. Additional Qualifications Preferred: u00b7 Industry certifications such as CSSLP, GWAPT, OSCP, or CEH u00b7 Experience with container security and CI/CD pipeline integration u00b7 Familiarity with regulatory and compliance frameworks (e.g., SOC 2, ISO 27001, PCI DSS) u00b7 Prior experience working in agile, DevOps, or fast-paced development environments Technology Doesn't Change the World, People Do.u00ae Robert Half is the worldu2019s first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles. Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. Download the Robert Half app ( and get 1-tap apply, notifications of AI-matched jobs, and much more. All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit roberthalf.gobenefits.net for more information. u00a9 2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking u201cApply Now,u201d youu2019re agreeing to Robert Halfu2019s Terms of Use ( and Privacy Notice (.

Created: 2026-02-12