Senior Application Security Developer

Responsibilities

• Partner with engineering teams to embed security throughout the software development lifecycle, including design reviews, threat modeling, implementation guidance, code review, and release readiness
• Identify, validate, and help remediate common application security vulnerabilities, including injection, broken access control, authentication and authorization flaws, data leakage, insecure deserialization, and server-side request forgery
• Support security reviews of AI-enabled applications and AI-assisted development workflows, including risks related to LLM-integrated systems, coding assistants, prompt injection, sensitive data exposure, and unsafe model or tool interactions
• Develop and maintain secure coding guidance, reusable security patterns, and engineering enablement materials for application, API, cloud, and data protection risks
• Integrate and improve application security testing in CI/CD pipelines, including SAST, DAST, SCA, secrets detection, infrastructure-as-code scanning, and other automated controls
• Provide developer education on secure coding, threat modeling, vulnerability remediation, secure use of third-party components, and safe adoption of emerging technologies
• Track, prioritize, and report application security risks and trends to continuously improve Autodesk's product security posture

Requirements

• Strong understanding of application security fundamentals, including the OWASP Top 10, secure software design, common vulnerability classes, and practical mitigation techniques
• Hands-on experience securing modern web applications, APIs, microservices, and cloud-native systems
• Experience performing secure design reviews, threat modeling, code reviews, vulnerability assessments, or penetration testing
• Practical knowledge of authentication, authorization, session management, data protection, input validation, output encoding, and secure API design
• Experience identifying and mitigating vulnerabilities such as injection, broken access control, insecure deserialization, server-side request forgery, cross-site scripting, data leakage, and insecure configuration
• Experience integrating security testing and controls into CI/CD pipelines and DevSecOps workflows
• Familiarity with common application security tooling, such as SAST, DAST, SCA, secrets scanning, container scanning, or API security testing tools
• Proficiency in scripting or programming, such as Python, JavaScript, Go, Java, or similar languages, for automation, testing, or prototyping
• Ability to communicate complex security risks clearly and translate them into practical, actionable guidance for engineering teams
• Familiarity with emerging AI/LLM security risks, such as prompt injection, data exposure, unsafe tool invocation, and secure use of AI coding assistants
• Background in application security, product security, or security engineering for large-scale software products or cloud services
• Experience building or improving secure development lifecycle programs, including developer enablement, security standards, secure design patterns, and automated security controls
• Familiarity with

Additional Information

Job Requisition ID # 26WD97513 L'affichage de poste en français suivra / The French job posting follows 26WD97513, Senior Application Security Developer Position Overview Our team of security experts helps Autodesk design, build, deploy and maintain secure products. We are embedding security in the full spectrum of how we build our products from inception, design, development, testing to how we are running them in the cloud as well as how we are responding to any existing or emerging threats to our products or the building blocks of our products and services. Our job is to be one step ahead of the bad guys and use expertise, technology and other resources to thwart their efforts to compromise our products and the environment in which they operate. Our team keeps a single-minded focus on protecting our customer's data and their investment in our products by strengthening our applications, underlying services and network. As part of this team, you will help strengthen Autodesk's products by partnering with product and engineering teams to design, build, deploy, and operate secure applications and services. This role focuses on application security across the software development lifecycle, including secure design, threat modeling, code review, vulnerability assessment, secure coding guidance, and security testing in CI/CD pipelines. You will work across modern cloud-native applications, APIs, services, and developer platforms to identify and mitigate risks such as injection, broken access control, and supply chain weaknesses. As Autodesk continues to adopt AI-enabled features and AI-assisted development workflows, you will also help teams understand and address emerging AI-related risks, including prompt injection, unsafe tool invocation, data exposure, and insecure use of LLM-enabled systems.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at autodesk? Share your experience