Staff Security Engineer

Locatee Ag

$140K — $200K *
US-AnywhereRemote in United States
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • 10+ years in software engineering and application security with hands-on coding experience in at least two major languages (e.g., Java, Python, Go)
  • Proven ability to identify security vulnerabilities and implement effective fixes
  • Experience developing developer-friendly application security programs and security tooling for CI/CD
  • Knowledge of cloud environments (AWS, GCP, Azure) and security practices for containers/Kubernetes
  • Strong communication skills, with a history of mentoring engineers across teams
  • Familiarity with threat modeling, secure design principles, and authentication hardening
  • Background in B2B SaaS, especially within developer-focused security firms or startups.

Responsibilities

  • Conduct hands-on security assessments, including code reviews and vulnerability remediation
  • Manage end-to-end remediation efforts for complex security findings
  • Develop and maintain security automation and developer tools for various security practices
  • Facilitate threat modeling sessions and secure design reviews
  • Work with site reliability engineering and platform teams to enhance runtime security
  • Provide mentorship on secure coding practices and incident analysis
  • Track and analyze security metrics to improve visibility and remediation timelines.

Benefits

  • Competitive compensation package reflecting your contributions
  • Comprehensive health, dental, and vision insurance
  • 401(k) plan with company match
  • Generous paid time off for employee well-being
  • Flexible work options, including remote and hybrid arrangements
  • Inclusive workplace culture that values diverse perspectives and teamwork.
Full Job Description
About the Role:

We're hiring a Staff Security Engineer, a senior, polyglot, full-stack Application Security Engineer who not only uncovers vulnerabilities but also goes into application and infrastructure codebases to fix them. You will partner with product and engineering teams to champion secure design, automate developer workflows, and scale AppSec as an engineering-first discipline.

Responsibilities:
  • Perform hands-on security work across the stack: code reviews, threat modeling, vulnerability hunting, and remediation in production services.
  • Own end-to-end remediation for complex findings: from exploit proof-of-concept to code-level fixes and automated CI checks.
  • Build and maintain developer-first security tools, automation, and self-service capabilities (SAST rules, IaC scanning, dependency/OSS policies, CI/CD gates).
  • Lead threat modeling sessions and secure design reviews for new product initiatives and platform changes.
  • Collaborate with SRE and Platform teams to harden runtimes, secrets management, identity, and authentication flows.
  • Mentor and coach engineers on secure coding, secure-by-default patterns, and incident learnings.
  • Contribute to security metrics and visibility (vulnerability backlog, mean time to remediate, coverage of automated tests).


About You:
  • 10+ years software engineering and application security experience (or equivalent), with deep hands-on polyglot coding experience across at least two major languages (e.g., Java, Python, Go, JavaScript/TypeScript, C#).
  • Demonstrated ability to both find security issues (offensive skills) and implement fixes across app and infra codebases (defensive skills).
  • Experience building developer-friendly AppSec programs and integrating security tooling into CI/CD pipelines.
  • Familiarity with cloud platforms (AWS, GCP, Azure) and container/Kubernetes security practices.
  • Strong communication skills and experience mentoring engineers across multiple teams.
  • Comfort with threat modeling, secure design patterns, PKI/identity flows, OAuth/OIDC, and authentication hardening.
  • Experience working at scale in B2B SaaS environments; prior experience at developer-focused security companies or engineering-forward startups is a plus.
  • Bachelor's degree in computer science or a related field


Nice to have
  • Open-source security contributions, published tooling, or participation in security communities.
  • Experience with program-level security metrics, vulnerability triage frameworks, and compliance programs (e.g., SOC2, FedRAMP context).


What We Offer

We're committed to creating an environment where you can thrive-professionally and personally. Our offerings include:
  • Competitive Compensation We recognize and reward your contributions with a salary package that reflects your value.
  • Comprehensive Benefits Including health, dental, and vision insurance, a 401(k) plan with company match, and generous paid time off to support your well-being.
  • Flexible Work Environment Whether remote, hybrid, or in-office, we support work arrangements that promote productivity and balance.
  • Inclusive & Collaborative Culture We foster a workplace where diverse perspectives are valued, teamwork is encouraged, and everyone has a voice.


Base pay offered is contingent on qualifications and other operational considerations. Base pay is just one piece of the full compensation structure offered at Tango. If this pay range is outside of your expectations, we still encourage you to apply and have a conversation with us.

Base pay offered for this position is: $140,000 - 200,000 (USD)

Similar Jobs

More Jobs at Locatee Ag

More Information Technology Jobs

Find similar Staff Security Engineer jobs: