Zeta Global

Lead Application Security Engineer

Zeta Global$140K — $180K *
US-AnywhereRemote in United States
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's in Computer Science, Cybersecurity, or related field, or equivalent experience.
  • 5+ years in Application Security, DevSecOps, or Security Engineering.
  • Strong knowledge of OWASP Top 10 and SANS CWE Top 25.
  • Familiarity with AI/ML security concepts like data poisoning and model integrity.
  • Experience integrating AI-assisted security workflows or automation systems.
  • Proficient with modern application frameworks like React or Node.js.
  • Knowledge of cloud platforms such as AWS, GCP, or Azure.

Responsibilities

  • Use AI tools to identify security risks in applications and platforms early in the development process.
  • Leverage automated tools to review code, architecture, and data flows for security vulnerabilities.
  • Drive code security reviews using diverse security assessment techniques.
  • Assess third-party dependencies for security risks using intelligent automation.
  • Collaborate with developers to embed security testing in CI/CD pipelines.
  • Build automated feedback systems to enhance developer security practices.
  • Monitor and evaluate evolving security threats using AI-driven analysis.

Benefits

  • Unlimited PTO
  • Comprehensive medical, dental, and vision coverage
  • Employee Equity
  • Various employee discounts and virtual wellness classes
  • Pet Insurance and additional perks!
Full Job Description
About the Role
We're seeking a Lead Application Security Engineer to help advance Zeta Global's application and platform security posture through AI-native security practices, intelligent automation, and scalable security engineering. You'll play a critical role in embedding security throughout the software development lifecycle by using AI-driven tools, automated controls, and data-informed risk prioritization to ensure our systems, applications, and AI-powered platforms are built securely from the ground up.

Zeta operates at massive scale, powering billions of consumer profiles and petabytes of data across real-time, AI-powered marketing platforms. In this role, you'll collaborate with Engineering, Product, QA, DevOps, and AI platform teams to identify risks, design secure-by-default patterns, and build automated security capabilities that enable secure innovation at speed.

This position offers significant technical scope, cross-functional visibility, and the opportunity to directly influence the company's security maturity through AI-enabled threat modeling, automated validation, intelligent vulnerability management, and proactive defense.

Key Responsibilities

AI-Driven Threat Modeling & Security Validation
  • Use AI-assisted threat modeling capabilities to identify application, platform, API, cloud, data, and AI/ML security risks early in the design and development process.
  • Leverage automated security review tools to evaluate architecture, design documents, code changes, APIs, and data flows for security gaps and control weaknesses.
  • Drive AI-assisted code security reviews using SAST, DAST, SCA, secrets detection, IaC scanning, container scanning, and contextual risk analysis.
  • Use automation and intelligent correlation to assess third-party libraries, APIs, vendor integrations, and open-source dependencies for security, compliance, and supply-chain risk.
  • Support AI-enabled red team, blue team, and incident response simulations to validate detection, prevention, and response capabilities.

Embedding AI-Native Security into the SDLC
  • Partner with developers and QA engineers to embed AI-driven security testing and automated risk detection into CI/CD pipelines.
  • Build and improve security automation that provides real-time feedback to developers during design, coding, testing, release, and deployment.
  • Use AI-assisted analysis to review architecture and design artifacts, identify risks earlier, and recommend secure implementation patterns.
  • Contribute to intelligent security checkpoints that reduce manual review effort while improving consistency, traceability, and developer velocity.
  • Help design scalable guardrails, reusable security controls, and policy-as-code capabilities across application and platform teams.

Emerging Threat Monitoring & Proactive Defense
  • Monitor evolving application, cloud, API, AI/ML, and data security risks using AI-assisted threat intelligence, vulnerability intelligence, and attack-pattern analysis.
  • Identify and evaluate AI-specific threats such as prompt injection, data poisoning, model abuse, model leakage, insecure tool use, and sensitive data exposure.
  • Assist in designing and deploying proactive defense mechanisms across applications, APIs, data platforms, and AI-powered systems.
  • Use automated signals, telemetry, and risk scoring to support investigations, post-incident analysis, and continuous improvement of prevention and detection capabilities.
  • Translate recurring vulnerabilities and incidents into feedback loops that improve threat models, secure design patterns, and SDLC controls.

Security Awareness, Standards & Scalable Enablement
  • Promote secure coding and secure design practices through AI-assisted guidance, reusable playbooks, automated recommendations, and developer-friendly documentation.
  • Contribute to internal security standards, secure engineering patterns, and AI-native security playbooks.
  • Help teams adopt security self-service capabilities that reduce dependency on manual AppSec review.
  • Collaborate closely with Engineering, DevOps, QA, Product, and AI platform teams to foster a security-first and automation-first culture.
  • Use metrics and insights to measure control effectiveness, remediation trends, developer adoption, and overall security maturity.

What You Need to Succeed
  • Bachelor's degree in Computer Science, Cybersecurity, or a related field, or equivalent practical experience.
  • 5+ years of experience in Application Security, DevSecOps, Secure Software Development, or Security Engineering.
  • Strong understanding of OWASP Top 10, SANS CWE Top 25, secure design principles, and application threat modeling.
  • Familiarity with AI/ML security concepts such as prompt injection, data poisoning, adversarial testing, model integrity, model abuse, and AI supply-chain risks.
  • Experience building or integrating AI-assisted security workflows, security bots, automated triage systems, or risk scoring models.
  • Experience using AI-assisted or automation-driven approaches to improve security testing, vulnerability analysis, code review, or risk prioritization.
  • Experience with modern application frameworks and architectures such as React, Node.js, Django, FastAPI, or similar technologies.
  • Knowledge of securing APIs, microservices, authentication, and authorization mechanisms such as OAuth2, OIDC, JWT, and service-to-service authentication.
  • Experience with cloud platforms such as AWS, GCP, or Azure, and containerized environments such as Docker and Kubernetes.
  • Working knowledge of security testing and automation tools such as Semgrep, SonarQube, Burp Suite, OWASP ZAP, Trivy, Snyk, GitHub Advanced Security, or similar tools.
  • Ability to analyze security findings, correlate risk context, and drive practical remediation guidance for engineering teams.
  • Strong collaboration and communication skills with the ability to work across Engineering, Product, QA, DevOps, and Security teams.

Nice to Have
  • Experience with policy-as-code, infrastructure-as-code security, CI/CD security controls, and automated governance.
  • Experience with automation frameworks and scripting for security testing, vulnerability validation, and remediation workflows.
  • Relevant certifications such as OSCP, GWAPT, CSSLP, cloud security certifications, or AI/ML-specific security certifications.

BENEFITS & PERKS
  • Unlimited PTO
  • Excellent medical, dental, and vision coverage
  • Employee Equity
  • Employee Discounts, Virtual Wellness Classes, and Pet Insurance And more!!

SALARY RANGE

The salary range for this role is $140,000 - $180,000, depending on location and experience.

#LI-TS1

About Zeta Global

Zeta Global is a data-driven marketing technology company that combines the power of artificial intelligence with the scale of data, applying insights from over 2.4 billion user profiles to generate business outcomes. Zeta Global?s products and services include programmatic media buying, email marketing, CRM, data and analytics, and marketing automation. The company serves a wide range of industries, including financial services, insurance, automotive, telecommunications, retail, publishing, and travel. Zeta Global has offices in North America, Europe, and Asia-Pacific.
Learn more about Zeta Global
Size
1,300 employees
Market Cap
$1.7 billion
Industry
Founded
2007
NASDAQ

Similar Jobs

More Jobs at Zeta Global

More Information Technology Jobs

Find similar Lead Application Security Engineer jobs: