Note: The job is a remote job and is open to candidates in USA. Quanata is on a mission to help ensure a better world through context-based insurance solutions. They are seeking an Application Security Engineer to build secure products and services across their AI-native insurance technology platform, collaborating closely with various teams to enhance security throughout the software development lifecycle.
Responsibilities
- Partner with Product and Engineering teams to integrate security into application design and development
- Lead threat modeling exercises and identify practical security solutions for complex systems
- Conduct secure code reviews, application security assessments, and vulnerability analysis
- Develop and implement automated security guardrails across the SDLC
- Investigate, prioritize, and drive remediation of application security findings
- Promote secure coding practices through training, coaching, and awareness initiatives
- Collaborate with Security, Privacy, and Business Assurance teams to support compliance and risk management objectives
- Create and maintain security standards, procedures, and best practices that scale across teams
Skills
- Associate's degree or equivalent experience required; Bachelor's degree preferred
- 4–6+ years of experience in software engineering, including at least 2 years focused on application security
- Experience partnering directly with software development teams to improve application security
- Knowledge of secure-by-design principles and modern application security practices
- Familiarity with OWASP Top 10, ASVS, MASVS, and common application security frameworks
- Experience with threat modeling methodologies such as STRIDE, PASTA, or similar approaches
- Working knowledge of cloud platforms and modern application architectures
- Proficiency in at least one programming language and its security ecosystem
- Strong communication skills and the ability to influence technical and non-technical stakeholders
- Comfortable operating in a fast-paced environment with shifting priorities
- Security certifications such as CSSLP, GWEB, OSWE, or similar
- Experience working in insurance, financial services, healthcare, or other regulated industries
- Advanced knowledge of cloud security and application security architecture
- Experience with mobile application security, QA testing, or penetration testing
- Familiarity with AI technologies, LLM security, or prompt engineering
- Experience building scripts or automations to streamline security processes
- Active involvement in the security community through conferences, mentoring, presentations, publications, or open-source contributions
Benefits
- Medical, dental, vision, life insurance and supplemental income plans for you and your dependents
- A Headspace app subscription
- Monthly wellness allowance
- A 401(k) Plan with a company match
- A one-time payment of $2K will be provided to cover the purchase of in-home office equipment and furniture at your discretion
- MacBook Pros, which we will deliver to you fully provisioned prior to your first day
- All employees accrue four weeks of PTO in their first year of employment
- New parents receive twelve weeks of fully paid parental leave which may be taken within one year after the birth and/or adoption of a child. The twelve weeks is applicable to both birthing and non-birthing parent
- All employees receive up to $5000 each year for professional learning, continuing education and career development
- All team members also receive LinkedIn Learning subscriptions and access to multiple different coaching opportunities through BetterUp
Company Overview