×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Senior Application Security Engineer

Job in Minneapolis, Hennepin County, Minnesota, 55400, USA
Listing for: Branch
Full Time position
Listed on 2026-06-26
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 180000 - 190000 USD Yearly USD 180000.00 190000.00 YEAR
Job Description & How to Apply Below

Overview

Branch is on a mission to empower workers with financial freedom by helping companies accelerate payments and providing accessible, free financial services. We are committed to building more inclusive, transparent, and frictionless financial products. Our goal of empowerment extends to our own employees, too. Your voice and creativity matter and can directly impact our products, company, and culture. We value diversity of opinions and working styles and strive for innovation, initiative, and winning together.

Join us as we develop new ways to improve the lives of working Americans.

About the role

Branch is seeking an experienced Security professional to join our team. This position will work in all aspects of security, so broad security knowledge is preferred. The ideal candidate will have a background in securing applications, networks, cloud environments, and corporate devices.

Responsibilities
  • Embed security into the SDLC by partnering with Engineering to implement secure design patterns, conduct threat modeling, and deliver developer-focused App Sec training
  • Lead and perform application security assessments including SAST, DAST, SCA, and manual code review across web, mobile, and API surfaces
  • Drive API security across internal and external services — including authentication, authorization, rate limiting, and abuse prevention controls
  • Own and mature the vulnerability management program, including prioritization frameworks, SLA tracking, and cross-functional remediation coordination
  • Champion software supply chain security initiatives, including SBOM generation, dependency risk analysis, and third-party component vetting
  • Assist GRC with technical third-party risk reviews and vendor security assessments
  • Respond to and lead security incidents in a measured, programmatic, and timely manner — from identification through post-incident review
  • Implement and iterate on security automation and orchestration to improve detection, response, and coverage at scale
  • Implement, monitor, and continuously improve security controls across cloud infrastructure, endpoints, and the product
  • Assess and mitigate AI-specific security risks across Branch's use of LLMs and AI-powered features, including prompt injection, model abuse, and insecure output handling
Qualifications
  • 5–7 years of experience in a security engineering or application security role, ideally within a fintech or high-growth startup environment
  • Strong communication skills — able to translate technical risk clearly for both engineering audiences and senior leadership
  • Hands-on SAST/DAST experience; familiarity with tools such as Semgrep, Snyk, Checkmarx, Burp Suite Pro, or equivalents
  • Demonstrated ability to independently work security incidents end-to-end — including malware, phishing, DLP events, and API abuse
  • Experience securing cloud-native environments, including IAM, container/Kubernetes workloads, and serverless functions
  • Solid working knowledge of API security standards (OWASP API Top 10, OAuth 2.0/OIDC, JWT hardening)
  • Experience with mobile application security testing (iOS/Android) is a plus
  • Familiarity with security frameworks including SOC 2, PCI-DSS, NIST CSF, and OWASP SAMM
  • Scripting proficiency in Python and/or Bash for automation and tooling; experience with security orchestration platforms (e.g., Tines, XSOAR, Torq) is a plus
  • Strong ethics and discretion — this role regularly handles confidential and sensitive information
  • Familiarity with AI/LLM security risks and emerging standards (OWASP LLM Top 10, MITRE ATLAS) — including prompt injection, data leakage through model outputs, and supply chain risks introduced by third-party AI services
  • Security certifications a plus (OSCP, GWEB, CISSP, SANS GWAPT, etc.)
Compensation

The base salary range for this role is $180-190k. The salary range displayed reflects an average base salary range for the position across all the U.S. The base salary offered to an applicant could be higher or lower based on each applicant's specific skill set, depth of experience, relevant education or training, etc.

Location

This position is classified as REMOTE within the United States of America.

Benefits
  • Market-leading medical,…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search