United States Remote (Country) Full-time USD 192,000 – 240,000 / year

Brex is hiring a Senior Application Security Engineer (Remote)

Responsibilities

  • Identifying vulnerabilities, demonstrating business impact, and articulating the risk of specific vulnerabilities to drive prioritization efforts
  • Perform penetration testing and design reviews, looking for vulnerabilities and insecure designs, work with engineering and product to design secure product features
  • Maintain and build internal tools to automate security efforts, perform SAST and DAST testing of the Brex platform, and support secure development practices
  • Build and contribute to a culture of collaborative security excellence through technical leadership, learning sessions, and mentorship within the team and wider organization

Requirements

  • 5+ years work experience in an Application Security or related role
  • Ability to find vulnerabilities in complex systems, demonstrating business impact through custom attack chains
  • Experience with a wide range of secure development activities including— threat modeling, developer education, and incident response
  • Knowledge of Python, scripting languages, and AI/agentic workflows to automate tasks, build tools and improve productivity
  • Collaborative mindset paired with strong written and verbal communication skills

Nice to Have

  • Proficiency with Kotlin, gRPC, GraphQL, Kubernetes
  • Previous experience as a software engineer
  • Consultancy experience performing web application security reviews
  • Experience with securing distributed systems in AWS and cloud environments
  • Experience with pentesting and securing agentic features and systems
  • Contributions to the wider technical community— open source, public research, mentorship, community organizing, blogging, CVEs, presentations, etc
  • Experience submitting to bug bounty programs or responsible disclosure programs

Team

Structure: Application Security is part of the wider Financial Scale organization, working closely with Security Operations, GRC, Product Security, Front End Platform, and IT Infrastructure teams.

Additional Information

  • Brex LLC is a wholly owned subsidiary of Capital One, N.A.
  • Job-seekers may be at risk of targeting by malicious actors looking for personal data. Brex recruiters will only reach out via LinkedIn or email with a brex.com domain. Any outreach claiming to be from Brex via other sources should be ignored.
Required Skills
PythonKotlinGraphQLKubernetes
About company
Brex
Brex is the AI-powered spend platform. We help companies spend with confidence with integrated corporate cards, banking, and global payments, plus intuitive software for travel and expenses. Tens of thousands of companies from startups to enterprises use Brex to proactively control spend, reduce costs, and increase efficiency on a global scale.
All jobs at Brex Visit website
Job Details
Department Engineering
Category security
Posted 25 days ago