Sr. Application Security Engineer - Consumer Fintech Company (Austin)

Sr. Application Security Engineer - Consumer Fintech CompanyLocation: Austin, TX. You can work remotely 3x/week.The company's product involves consumer fintech and smart home technology.The company has about 600 employees and 150 engineers. The company is publicly traded, and revenues have been rapidly growing.The company will pay up to $240k in salary, plus RSUs.Job Responsibilities:- Driving application security outcomes across the engineering organization.- The position is application-security–first, with intentional overlap into cloud and platform security where application code, identity, CI/CD pipelines, and infrastructure intersect.- While the role does not own infrastructure, security programs, or formal departmental priorities, it is accountable for identifying application-centric risks and guiding high-impact security decisions through expertise, partnership, and advisory influence.- Operating with significant autonomy, owning complex and ambiguous security challenges end-to-end, ensuring outcomes align with business objectives and risk tolerance.- Focused on technical leadership, cross-functional collaboration, and mentorship rather than people management.- Serve as a senior subject matter expert in application security, providing authoritative guidance on secure design, authentication, identity flows, API security, and cloud-native application risks.- Acting as a trusted security advisor during architecture reviews, design discussions, and risk assessments across multiple teams and services.- Identifying, assessing, and clearly communicating application-centric security risks across application code, CI/CD pipelines, identity systems, and cloud environments.- Independently owning and drive resolution of complex and ambiguous application security challenges with broad organizational impact.- Applying threat modeling, attack-path analysis, and adversarial thinking to inform defensive improvements and strengthening application resilience.- Contributing technically to broader security programs by shaping standards, best practices, secure patterns, and technical guidance.- Supporting security incidents and targeted threat-hunting efforts by providing application security expertise, root-cause analysis, and remediation guidance.- Designing, improving, and helping operationalize automated security tooling and pipelines (e.g., SAST, DAST, SCA, secrets detection).- Mentoring engineers and security partners across teams, acting as a force multiplier to improving secure design and decision-making at scale.- Communicating risks, recommendations, and standards clearly to senior engineers and security leadership to influence technical direction.Qualifications:- At least 6 years of experience in engineering, with at least 3 years in an application security or product security role.- Experience Customer Identity Access Management (CIAM)- Demonstrated impact improving application security outcomes across multiple teams, systems, or business domains.- Deep experience securing web applications, APIs, distributed systems, WAFs, and customer identity platforms.- Strong understanding of authentication and identity protocols (OAuth2, OIDC, SAML, JWT, MFA).- Proven ability to review system designs, data flows, and identify architectural security risks.- Solid understanding of cloud-native application architectures and CI/CD pipelines from an application risk perspective.- Experience designing or maintaining automated security tooling and pipelines (SAST, DAST, SCA, secrets detection).- Proficiency in one or more modern programming languages.Nice to Have:- Experience threat modeling or assessing AI-powered features and LLM integrations.- Application-focused penetration testing or adversarial security testing experience.- Familiarity with Kubernetes, container security, and infrastructure-as-code as they relate to application security.- Experience operating in regulated environments.- Security certifications such as OSWE, GWAPT, or CSSLP.About Skyrocket VenturesSkyrocket Ventures is a recruiting firm for hundreds of high growth technology companies that range from industry leaders to top-tier startups. This opportunity is with one of our client companies for a full-time permanent hire. Please only apply if you are authorized to work in the U.S.Please note that even if this job is not a perfect match, we encourage you to apply as long as it is in the ballpark. Companies are often flexible in hiring candidates who do not perfectly fit their written job description, as long as the most important qualifications are there and the candidate is good in general.Most of the jobs we are recruiting for are not posted online, so if you would like to know of all the opportunities we have that match your interests and qualifications, then please get in touch with us.After you apply to this job posting, we'll consider you for this job as well as any other potential matches with our client companies. If we have any potential matches, we'll share your resume with those companies and contact you about any interview opportunities we can get you.Thank you, and we wish you a great job search!