[Remote] Application Security Engineer
Note: This is a remote job, open to candidates in the USA.

Rubrik is a leading company in data protection and cyber resilience, seeking an Application Security Engineer. In this role, you will ensure that Rubrik's products and services meet high security standards by collaborating with various stakeholders and integrating security practices throughout the software development lifecycle.

Responsibilities
- Integrate security controls and practices into Rubrik's secure SDLC and collaborate with Engineering to embed security into every phase of the development process
- Architect the agentic scaffolding, including containment boundaries and intervention points, required to govern and scale AI agents performing machine-speed vulnerability triage, research, and remediation
- Perform security assessments of applications, identifying vulnerabilities and weaknesses through both automated and manual testing techniques
- Carry out detailed analysis of identified vulnerabilities to ensure high-fidelity findings are provided to Engineering teams
- Assist in identifying and implementing frictionless "shift-left" strategies to seamlessly and proactively prevent vulnerabilities earlier in the SDLC
- Aid in the collection, management and reporting of key Application Security metrics to track progress and identify trends
- Analyze and harden existing applications, automation, and deployment processes
- Participate in security design reviews and threat modeling of proposed products and feature releases
- Work with development teams, operations, governance, and other stakeholders to document security guidance, processes and standards for Rubrik products and services

Skills
- Bachelor's degree required; BS or MS in Computer Science, Information Technology, or a related field
- 5+ years' experience in Application Security, with experience across SDLC activities such as threat modeling, secure code review, vulnerability management, and penetration testing
- Proven track record of utilizing frontier models to build agentic workflows that scale security operations, successfully automating the end-to-end lifecycle of vulnerability discovery and remediation
- Knowledge of regulatory guidelines and standards such as FedRAMP, SOC2, ISO 27001, etc.
- Broad knowledge of web, application, and cloud attack vectors and exploits
- Comprehension of multiple programming languages (Python, Go, Scala, C/C++, JavaScript/TypeScript)
- Working experience with CI/CD pipelines, containerization (Kubernetes, Docker, etc.) and microservices
- Working knowledge of at least one major public cloud provider (AWS, GCP, Azure)
- Understanding of application security maturity model frameworks and how to apply them
- Foundational knowledge of deploying and securing SaaS applications and cloud environments
- Team player, with the ability to establish priorities, deal with conflicts, work independently, and proceed with objectives, and a can-do attitude
- A self-starter with excellent critical thinking and problem-solving skills
- Strong written and verbal communication skills

Benefits
- Bonus potential
- Equity
- Benefits

Company Overview
Rubrik is a data security platform that delivers cyber resilience, cyber posture, and cyber recovery solutions. It was founded in 2014, and is headquartered in Palo Alto, California, USA, with a workforce of 1001-5000 employees. Its website is http://rubrik.com.

Company H1B Sponsorship
Rubrik has a track record of offering H1B sponsorships, with 18 in 2026, 145 in 2025, 93 in 2024, 81 in 2023, 111 in 2022, 93 in 2021, 51 in 2020. Please note that this does not guarantee sponsorship for this specific role.