×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Security Manager Network Security

Security Engineer, Application Security

Job in New York, New York County, New York, 10261, USA
Listing for: Trail of Bits Inc.
Full Time position
Listed on 2026-06-17
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Security Manager, Network Security
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below
Location: New York

Who We Are

Founded in 2012 by 3 expert hackers with no investment capital, Trail of Bits is the premier place for security experts to boldly advance security and address technology’s newest and most challenging risks. It has helped secure some of the world's most targeted organizations and devices. Our combination of novel research with practical solutions reduces the security risks that our clients face from emerging technologies.

Our work helps drive the security industry and the public understanding of the technology underlying our world.

Cybersecurity preparedness is a moving target. Companies like ours are the tip of the spear in the fight against attackers. Our research-based and custom-engineering approach ensures that our client’s capabilities are at the forefront of what’s available. For companies and technologies that live and die by their security, a proactive, tailored approach is required to keep one step ahead of attackers.

Democratizing security information is essential. As part of our business, we provide ongoing informational support through blogs, whitepapers, newsletters, meetups, and open-source tools. The more the community understands security, the more they’ll understand why a company like ours is so unique and valuable.

Role

Trail of Bits seeks a Security Engineer, Application Security within our growing Software Assurance practice. You will conduct comprehensive security assessments of client software with a focus on low-level code analysis, examining system architecture, security boundaries, access controls, and platform security mechanisms.

On any given day, you might analyze vulnerabilities in application code, automate the detection of security misconfigurations in cloud environments, assess privilege escalation capabilities, or review security boundaries in complex systems. Working alongside other security engineers, you'll contribute to client projects while building impactful tools. In short, your work will land at the intersection of Vulnerability Research and Application Security.

In addition to working with leading technology companies in the private sector, you will have opportunities to collaborate with our Research & Engineering team to help secure funding from government agencies for advanced security research that bridges vulnerability research and application security, advancing the state of the art both within our team and industry at large.

What You’ll Achieve
  • Security Assessment:
    Conduct comprehensive low-level code security assessments across applications, examining vulnerabilities in system services, access control implementation, inter-process communication, and platform security controls while developing mitigation strategies.
  • Security Tool Development:
    Design and implement custom security tools for automated vulnerability detection, focusing on both application-specific and general security testing needs to bridge the gap between vulnerability research and application security.
  • Architecture Review:
    Perform detailed architecture reviews and threat modeling of complex software systems and cloud environments, identifying potential security weaknesses in areas such as data flows, authentication mechanisms, and API security while providing remediation guidance.
  • Client Engagement:
    Work directly with industry-leading teams to review their application infrastructure and architecture, helping secure their environments through deep technical analysis and recommendations.
  • Research & Innovation:
    Contribute to the advancement of application security, developing new methodologies and tools while staying up to date with the latest security developments in both traditional and emerging technology ecosystems.
What You’ll Bring
  • Application security assessment experience. Direct experience conducting low-level code security assessments of complex software, identifying and mitigating application and system-level vulnerabilities. You read the code, not just the scanner output.
  • Manual code review depth. Hands‑on experience performing manual code reviews to find vulnerabilities that automated tools miss. You can explain why a bug is exploitable, not just that a tool flagged it.
  • S…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search