Application Security Engineer

2 weeks ago


Atlanta, United States Sirius XM Radio Inc Full time
Responsibilities

Who We Are:

SiriusXM and its brands (Pandora, SiriusXM Media, AdsWizz, Simplecast, and SiriusXM Connect) are leading a new era of audio entertainment and services by delivering the most compelling subscription and ad-supported audio entertainment experience for listeners - in the car, at home, and anywhere on the go with connected devices. Our vision is to shape the future of audio, where everyone can be effortlessly connected to the voices, stories and music they love wherever they are.

This is the place where a diverse group of emerging talent and legends alike come to share authentic and purposeful songs, stories, sounds and insights through some of the best programming and technology in the world. Our critically-acclaimed, industry-leading audio entertainment encompasses music, sports, comedy, news, talk, live events, and podcasting. No matter their individual role, each of our employees plays a vital part in bringing SiriusXM's vision to life every day.

SiriusXM is the leading audio entertainment company in North America, and the premier programmer and platform for subscription and digital advertising-supported audio products. SiriusXM's platforms collectively reach approximately 150 million listeners, the largest digital audio audience across paid and free tiers in North America, and deliver music, sports, talk, news, comedy, entertainment and podcasts. Pandora, a subsidiary of SiriusXM, is the largest ad-supported audio entertainment streaming service in the U.S. SiriusXM's subsidiaries Simplecast and AdsWizz make it a leader in podcast hosting, production, distribution, analytics and monetization. The Company's advertising sales organization, which operates as SiriusXM Media, leverages its scale, cross-platform sales organization and ad tech capabilities to deliver results for audio creators and advertisers. SiriusXM, through SiriusXM Canada Holdings, Inc., also offers satellite radio and audio entertainment in Canada. In addition to its audio entertainment businesses, SiriusXM offers connected vehicle services to automakers.

How you'll make an impact:

The Application Security Engineer will join the security organization to support SiriusXM technology objectives. The ideal candidate has a passion for finding opportunities and inspiration to solve security challenges and will do so by providing tools, guidance, context and continuous support to ensure the security success of our software and applications.

What you'll do:
  • Build and document security features to enable developers to write secure code.
  • Facilitate the implementation and continual improvement for a secure SDLC.
  • Secure tool creation, enabling security by default by building security and tooling into the software development process, conducting regular audits and tests to identify risks and prioritizing fixes.
  • Drive the technical implementation of our security solutions by providing necessary guidance and technical leadership to the SiriusXM engineering community.
  • Develop and improve the Application Security capabilities of SiriusXM by continually designing runbook procedures and expanding the scope and capabilities of security tools.
  • Consulting and systems development responsibilities for needs brought to the Application Security team by the business.
  • Write and design SDKs, container images, guardrails, and testing suites.
  • Design, implementation, facilitation, and maintenance of tooling and frameworks to make adoption of security guardrails and best practices easier for developers when working in our code bases.
  • Participate in the design and implementation of applications, services, and infrastructure to ensure security and privacy design principles are being followed by performing security reviews and threat modeling.
  • Work within a collaborative team to develop scripts and software to solve for security automation and development needs.
  • Aid in secure code reviews, focused on security bug reduction.
  • Develop documentation, training, and security baselines to inform and educate the engineers, IT practitioners and developers on best practices.
  • Deploy, manage, and tune infrastructure used to protect our applications from common vulnerability exploitation, account takeover, and denial of service attacks.
  • Triage, escalate, and remediate vulnerabilities found as part of our vulnerability management program, bug bounty program and discovered in enterprise penetration tests.
  • Work with the product management teams to prioritize fixes for vulnerabilities and work with engineering teams to understand how to fix these issues.
  • Conducting root cause analysis of security findings to develop systematic improvements to development processes, tooling, and security checks.
  • Fixing vulnerabilities, building in security telemetry/instrumentation, and adding security features to our products/applications.
  • Participate with the architecture and planning for company-wide security efforts.
  • Form a strong relationship with developer teams and serve as point of contact and security SME for questions arising around secure development.
  • Actively participate in all facets of the incident response lifecycle.
What you'll need:
  • 3+ years of software development experience, 2+ years of security (direct or adjacent) experience.
  • Proficient in at least one primary development language (preferably Python and Java/Scala).
  • Some experience with mobile application security preferred (Kotlin and Swift).
  • Experience with internal development for identity management, Cognito, OIDC, SAML, and SSO integration development.
  • Experience with AWS and/or GCP.
  • Experience calling REST and/or GraphQL APIs.
  • Experience administering application security tools such as SAST, SCA, DAST.
  • Knowledge of OWASP classifications and how to implement security checks for these vulnerabilities.
  • Ability to understand security code reviews.
  • Understanding of continuous integrations, testing, and delivery.
  • Ability to discover, document and fix security bugs.
  • Experience using Git and related development processes in a professional setting.
  • Knowledge of JIRA (Issue/bug tracking), Confluence.
  • Experience writing educational documentation or knowledge bases.
  • Security mindset, self-starter, and ability to operate independently.
  • Be an organized and responsive problem solver.
  • Excellent oral/written presentation skills with the ability to teach and communicate effectively to developers and leadership.
  • Passionate about understanding complex systems.
  • Eager to learn, adapt, and improve your work.
  • Must have legal right to work in the U.S.


At SiriusXM, we carefully consider a wide range of factors when determining compensation, including your background and experience. These considerations can cause your compensation to vary. We expect the base salary for this position to be in the range of $64,700 to $131,300 and will depend on your skills, qualifications, and experience. Additionally, this role might be eligible for discretionary short-term and long-term incentives. We encourage all interested candidates to apply.

Our goal at SiriusXM is to provide and maintain a work environment that fosters mutual respect, professionalism and cooperation. SiriusXM is an equal opportunity employer that does not discriminate on the basis of actual or perceived race, creed, color, religion, national origin, ancestry, alienage or citizenship status, age, disability or handicap, sex, gender identity, marital status, familial status, veteran status, sexual orientation or any other characteristic protected by applicable federal, state or local laws.

The requirements and duties described above may be modified or waived by the Company in its sole discretion without notice.
