
Sr. Application Security Engineer

Remote / Online - Candidates ideally in
Coos Bay, Coos County, Oregon, 97458, USA
Listing for: hims
Remote/Work from Home position
Listed on 2026-01-25
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Data Security, Cloud Computing

Overview

Hims & Hers is the leading health and wellness platform, on a mission to help the world feel great through the power of better health. We are redefining healthcare by putting the customer first and delivering access to care that is affordable, accessible, and personal, from diagnosis to treatment to delivery. No two people are the same, so we provide access to personalized care designed for results.

By normalizing health & wellness challenges and innovating on their solutions, we’re making better health outcomes easier to achieve.

Hims & Hers is a public company, traded on the NYSE under the ticker symbol “HIMS.” To learn more about the brand and offerings, you can visit  and  For information on the company’s outstanding benefits, culture, and its talent-first flexible/remote work approach, see below and visit

About the Role

We are seeking a Senior Application Security Engineer II to join our security team. This role will focus on ensuring the security of our applications throughout the development lifecycle, with an emphasis on modern security practices including AI/ML security considerations. You will work closely with development teams to implement secure coding practices and maintain our application security posture.

You Will
  • Conduct security assessments using SAST, DAST, and SCA tools to identify vulnerabilities in applications

  • Perform code reviews and provide secure coding guidance to development teams

  • Implement and maintain GitHub Advanced Security, including secret scanning and code scanning

  • Assess and improve security of Infrastructure as Code (IaC) deployments using Terraform

  • Evaluate container security in our Docker and Kubernetes environments

  • Support CI/CD security integration and automation

  • Conduct penetration testing and red team/purple team exercises on applications

  • Review and secure API implementations, with focus on GraphQL security

  • Evaluate AI/ML model security and implement protections against prompt injection and other AI-specific threats

  • Collaborate with the Staff AppSec Engineer on CIAM and advanced AI security initiatives

  • Maintain security documentation and contribute to security awareness training

You Have
  • Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field

  • 5-8 years of experience in application security or related security field

  • Hands-on coding experience and ability to review code in multiple languages

  • Professional experience with SAST tools (e.g., SonarQube, Checkmarx, Fortify)

  • Professional experience with DAST tools (e.g., Burp Suite, OWASP ZAP)

  • Professional experience with SCA tools (e.g., Snyk, Black Duck, WhiteSource)

  • Experience with GitHub Advanced Security features

  • Container security scanning and IaC security scanning tools experience

  • Strong understanding of OWASP Top 10 and secure coding practices

  • Experience with penetration testing methodologies

  • Knowledge of security frameworks: NIST CSF, NIST 800-53, SOC 2, PCI DSS

  • Excellent communication skills to articulate security findings to technical and non-technical stakeholders

Preferred Qualifications
  • Industry certifications such as GIAC (GWEB, GSSP, GCSA), SANS, or OSCP

  • Experience with Oligo, Socket, or NowSecure for mobile/runtime security

  • AI/ML security and prompt injection prevention experience

  • Cloudflare WAF and Bot Management configuration (nice to have)

  • Purple team and red team exercise experience

  • Security automation and scripting (Python, Go, or similar)

  • Contributions to the security community (research, tools, presentations)

  • Experience in healthcare or regulated industries

Technical Stack
  • Security Tools:
    Snyk, Burp Suite, GitHub Advanced Security, Terraform security scanners

  • Languages:
    Proficiency in reviewing Python, JavaScript, Java, Go, and other modern languages

  • Cloud: AWS (primary), multi-cloud experience beneficial

  • CI/CD:
    Experience with Jenkins, GitHub Actions, or similar

  • Containers:
    Docker, Kubernetes (EKS)

What We're Looking For
  • Someone who can balance security requirements with business needs

  • A professional who stays current with emerging security threats, especially in AI/ML

  • Strong collaborator who can work effectively with development teams

  • Self-motivated individual who can…
