Lead Applications Security Engineer

About the role

At Arctic Wolf, we are transforming our Application Security function to be AI-first, fundamentally changing how security work is executed and scaled across the organization. We are seeking a Lead Application Security Engineer to help scale secure-by-design practices across our cloud, SaaS, and AI-enabled platforms. In this role, you will lead threat modeling, define application security standards, assess product and platform architectures, and integrate security throughout the SDLC. This includes securing emerging AI and GenAI capabilities using frameworks such as the OWASP Top 10 and OWASP Top 10 for LLMs. The role requires deep technical expertise, strong communication skills, and the ability to lead cross-functional initiatives. You will own and drive multiple AppSec programs, reduce risk, shape internal security practices, and coach engineers and Security Champions to raise the overall security maturity of the organization.

Responsibilities

• Lead threat modeling exercises for applications, microservices, APIs, and AI/LLM-enabled systems
• Define reusable security patterns and drive secure design reviews for product and platform architectures
• Own AppSec initiatives end-to-end and drive risk-reduction programs across R&D
• Influence engineering and product leaders to adopt secure practices through clear guidance and rationale
• Conduct security assessments for new features, cloud architectures, and AI/GenAI capabilities
• Implement and optimize AppSec tooling including SAST, DAST, IAST, SCA, IaC scanning, and container security
• Establish metrics, dashboards, and scalable process improvements
• Drive R&D wide security practices and help shape internal standards for secure development
• Explore emerging technologies, and promote continuous learning within AppSec and the Security Champions community
• About You
• 7+ years of experience in Application Security, Product Security, Secure Software Development, or a related security engineering discipline.
• Deep expertise in secure design and development principles, including the OWASP Top 10, OWASP ASVS, and modern application security best practices.
• Proven experience leading threat modeling exercises, security architecture reviews, and risk assessments for complex applications and services.
• Hands-on experience with application security tooling, including SAST, DAST, SCA, IaC, container, and cloud-native security solutions.
• Strong analytical and problem-solving skills, with the ability to identify security risks, evaluate tradeoffs, and develop practical, scalable solutions.
• Demonstrated ability to influence engineering teams and technology leaders through collaboration, technical expertise, and sound risk-based decision making.
• Experience driving the adoption of secure development practices and integrating security into engineering workflows and SDLC processes.
• Excellent communication skills with the ability to translate complex technical concepts into actionable guidance for both technical and executive stakeholders.
• Proven track record of leading security initiatives, establishing standards, and delivering measurable improvements to an organization's security posture.
• Passion for mentoring engineers, fostering a security-first culture, and elevating the security capabilities of development teams.

Requirements

• Experience securing cloud-native applications and architectures in AWS, Azure, or GCP environments.
• Knowledge of AI and GenAI security concepts, including the OWASP Top 10 for LLM Applications, model and agent security risks, and secure AI system design.
• Experience supporting large-scale SaaS platforms, highly distributed systems, or organizations operating in regulated environments.
• On-Camera Policy

Benefits

Additional Information

At Arctic Wolf, you won't just watch the cybersecurity industry evolve - you'll help lead the change. Our global Pack is made up of people who thrive on solving hard problems, moving fast, and building technology that protects organizations around the world. We're proud to be recognized by Forbes, CNBC, Fortune, CRN, Bartner Peer Insights and IDC MarketScape - but what matters most is the work behind it: delivering real outcomes for customers through award winning innovation like our Aurora Platform. If you're looking for meaningful work, smart teammates and the chance to make a real impact in a high-growth company that's redefining security operations, Arctic Wolf is the right place for you! Our mission is simple: End Cyber Risk. We're looking for a Lead Application Security Engineer to be part of making that happen.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at arcticwolf? Share your experience