Senior Application Security Engineer
LaunchDarkly
About the Job:
As a Senior Application Security Engineer at LaunchDarkly, you’ll help ensure the safety of our customers' data and the resilience of our platform. You’ll be part of a small, high-leverage team focused on building secure systems and enabling secure product development. Your work will directly support the business by helping developers move fast without sacrificing security through automation, guidance, and engineering.
We’re looking for someone who can not only identify and fix vulnerabilities, but also help us build scalable programs to prevent them in the first place. You’ll bring technical and relational leadership, deep knowledge of application and cloud security, and a passion for collaborating and enabling engineering teams to ship secure code confidently.
You’ll report to the Director of Security and work closely with software engineers, product managers, and other security engineers to reduce the risk of unwanted security outcomes across LaunchDarkly’s platform.
Responsibilities:
-
Serve as a trusted advisor to product and infrastructure engineering teams during security reviews and architecture planning
-
Design and implement secure-by-default patterns and reusable libraries to reduce developer burden
-
Lead threat modeling and application security assessments across our product surface
-
Integrate security tooling into CI/CD workflows to improve vulnerability and misconfiguration detection
-
Operate and evolve our bug bounty and third-party pentest programs
-
Contribute to the design of platform security features and customer-facing security controls
-
Develop and maintain automation to support secure development at scale
-
Mentor engineers and model thoughtful, modern approaches to application and product security
-
Stay informed on emerging threats and identify how they apply to LaunchDarkly’s environment now, and products actively being developed
Qualifications:
-
Have 5+ years of experience in application security, product security, or a related role
-
Have strong software engineering skills and can write secure, maintainable code in at least one modern programming language (e.g., Go, Python, JavaScript/TypeScript)
-
Have experience securing cloud-native applications (especially on AWS), including modern infrastructure-as-code, microservices, and service mesh environments
-
Understand the types of security issues common in SaaS platforms (e.g., SSRF, IDOR, SQL injection, XSS, etc.) and know how to address them effectively
-
Know how to integrate security into the software development lifecycle, including build pipelines and developer tooling
-
Communicate clearly and work effectively across teams, building relationships and collaborating with product managers, developers, and infrastructure teams
-
Are self-directed and comfortable in fast-moving or ambiguous environments — you can identify problems and lead the way to solve them
-
Ready to jump into an active product & application security program with a great team, looking for ways to support existing team members and innovate the program further
Pay:
Target pay ranges based on Geographic Zones* for Level P4:
-
Zone 1: San Francisco/Bay Area or New York City Metropolitan Area: $187,000 - $240,000 **
-
Zone 2: Boston, DC, Irvine, LA, Monterey, Santa Barbara, Santa Rosa, Seattle: $168,200 - $220,000 **
-
Zone 3: All other US locations: $158,900 - $210,000 **
LaunchDarkly operates from a place of high trust and transparency; we are happy to state the pay range for our open roles to best align with your needs. Exact compensation may vary based on skills, experience, and location.
*Within the United States, our geographic pay zones are defined by counties surrounding major metropolitan areas.
**Restricted Stock Units (RSUs), health, vision, and dental insurance, and mental health benefits in addition to salary.
About LaunchDarkly:
Modern software delivery was supposed to be the foundation for a thriving digital business but reality has proven otherwise. Slow, inefficient development cycles, costly outages, and fragmented customer experiences are preventing developers from building their best software. The LaunchDarkly platform helps developers innovate on new features faster while protecting them with a safety valve to instantly rewind when things go wrong. Developers can target product experiences to any customer segment and maximize the business impact of every feature. And by gradually rolling out new application components, they escape nightmare "big-bang" technology migrations.
The LaunchDarkly platform was built to guide engineers to the next frontier of DevOps by:
- Improving the velocity and stability of software releases, without the fear of end customer outages
- Delivering targeted experiences by easily personalizing features to customer cohorts
- Maximizing the business impact of every feature through the ability to experiment and optimize
- Coordinating the release and optimization of software to provide consistent experiences across mobile platforms and device types
- Improving the effectiveness and productivity of engineering teams, by providing insights into engineering cadence and stability
At LaunchDarkly, we believe in the power of teams. We're building a team that is humble, open, collaborative, respectful and kind. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, gender identity, sexual orientation, age, marital status, veteran status, or disability status. LD invites any applicant to review our written Affirmative Action Plan. To do so, contact People Ops at hr@launchdarkly.com.
Learn more about the interview process & what it’s like to work with LaunchDarkly's Product Delivery team!
Do you need a disability accommodation?
Fill out this accommodations request form and someone from our People Operations team will contact you for assistance.