
Senior Application Security Engineer
Emburse
Posted 3/7/2025

Job Summary
We are seeking a Senior Application Security Engineer to oversee application security initiatives across our products. The role involves leading 'shift left' security efforts, building relationships with engineering teams, conducting security assessments, and providing remediation guidance. As part of the Information Security team, you will work closely with product teams to ensure vulnerabilities are remediated within procedural timeframes. You will also partner with product teams to establish a technical roadmap for 3rd party and open source frameworks and libraries. The ideal candidate has 7+ years of industry experience in application security, expertise with OWASP Top 10, and knowledge of DevSecOps tools. We offer flexible remote work options, $4,000/year travel stipends, and equity in a fast-growing company.
Job Description
What You Will Do
- Lead “shift left” security efforts to build security into the software development lifecycle.
- Build relationships and work directly with engineering teams on security best practices and to remediate identified vulnerabilities.
- Work with product teams to ensure the vulnerabilities are remediated within procedural timeframes.
- Partner with product teams to establish and prioritize a technical roadmap for 3rd party and open source frameworks and libraries to ensure products are up to date and can respond effectively to zero-day threats.
- Triage and prioritize bug bounty submissions, code scanning results, and engineering audit vulnerability findings, track remediation, and validate fixes.
- Assist with internal vulnerability scanning, external vulnerability scanning, segmentation testing, and management of penetration testing.
- Conduct secure design reviews and threat modeling. Identify and prioritize risks, attack surfaces, and vulnerabilities.
- Create metrics and reporting of the application security program.
What You Will Bring
- 7+ years of industry experience in application security, security architecture, secure software development, software vulnerability management for multiple technology platforms, frameworks and languages.
- Expertise with application security implementations and standard methodologies.
- Extensive knowledge and comfort with the OWASP Top 10 and common web application exploitation techniques, and their respective countermeasures.
- Experience with DevSecOps, DevOps, CI/CD pipelines, and secure code development.
- Use of security tools (e.g., SAST, IAST, CSPM, SIEM).
- SaaS experience working with web and mobile solutions to provide security.
- Experience working with Snyk, Bug Bounty, Wiz, Hacker Guardian, Hunters strongly preferred.
- Experience working with compliance frameworks (e.g., PCI, SOC 2, ISO 27001, NIST).
- Experience performing and coordinating security assessments: internal vulnerability scans, external vulnerability scans, network segmentation testing, and web application penetration testing.
- Relevant certifications such as CISSP, CCSP, GWEB, GWAPT, GMOB, CompTIA Security+, etc.
- Experience working on large cross-functional teams, representing IT compliance on initiatives such as change management, identity and access management, policy management and data retention.
- Strong communication skills to effectively communicate complex issues to stakeholders in a clear and easy-to-understand way.
- Ability to develop creative and adaptive solutions to unique and complex security items.
- Comfortable with a rapid-paced working environment and meeting deadlines.
- Bachelor’s degree in Computer Science, Information Systems, or equivalent work experience.