Senior Security Engineer
<p>Our Oakland client is seeking a hands-on Senior Application Security Engineer to bridge application security and development teams. This is an opportunity to drive foundational application security work, working directly with developers to ensure secure software delivery across the organization.</p><p> </p><p>This is a contract role to start, and is 100% remote.</p><p> </p><p><strong>Key Responsibilities:</strong></p><p> </p><p>Bug Bounty / Ethical Hacker Program Management (Bugcrowd):</p><ul><li>Own daily management of our Bugcrowd program</li><li>Review and triage incoming vulnerability findings</li><li>Work with ethical hackers and engineers on issue resolution</li><li>Explain vulnerabilities and provide clear remediation guidance—understand not just what’s wrong, but how to fix it</li></ul><p> </p><p>Secure Software Development Lifecycle (Secure SDLC):</p><ul><li>Help design and mature our secure SDLC program (security is early in the journey here)</li><li>Partner with developers to integrate security testing early in the process</li><li>Perform and coordinate hands-on security testing prior to production releases</li><li>Identify and remediate vulnerabilities before deployment</li></ul><p> </p><p>Code Scanning & Tooling (Snyk):</p><ul><li>Manage and interpret findings from Snyk across code repositories</li><li>Review, validate, and prioritize vulnerabilities, supporting developers to distinguish real issues from false positives</li><li>Provide actionable, clear guidance for remediations</li></ul><p> </p><p>Social Account Security Oversight:</p><ul><li>Oversee security for company social media and brand accounts</li><li>Enforce MFA, SSO, and leverage Survey as a tool for access management</li></ul><p><br></p>
<p>· Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience). </p><p>· 5+ years in application security, secure software development, and penetration testing. </p><p>· Strong understanding of web technologies (HTML, JavaScript, Python, REST APIs, etc.). </p><p>· Experience with security tools for code security, bug bounty programs, and the ability to integrate them into CI/CD pipelines for automated security testing. </p><p>· Familiarity with OWASP Top 10, SANS Top 25, CWE, CVE, and secure coding practices. </p><p>· Knowledge of cloud environments (AWS, Azure, GCP) and their security features. </p><p>· Strong communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical stakeholders. </p><p><br></p><p>Additional Qualifications Preferred:</p><p>· Industry certifications such as CSSLP, GWAPT, OSCP, or CEH </p><p>· Experience with container security and CI/CD pipeline integration </p><p>· Familiarity with regulatory and compliance frameworks (e.g., SOC 2, ISO 27001, PCI DSS) </p><p>· Prior experience working in agile, DevOps, or fast-paced development environments </p>
<h3 class="rh-display-3--rich-text">Technology Doesn't Change the World, People Do.<sup>®</sup></h3>
<p>Robert Half is the world’s first and largest specialized talent solutions firm that connects highly qualified job seekers to opportunities at great companies. We offer contract, temporary and permanent placement solutions for finance and accounting, technology, marketing and creative, legal, and administrative and customer support roles.</p>
<p>Robert Half works to put you in the best position to succeed. We provide access to top jobs, competitive compensation and benefits, and free online training. Stay on top of every opportunity - whenever you choose - even on the go. <a href="https://www.roberthalf.com/us/en/mobile-app" target="_blank">Download the Robert Half app</a> and get 1-tap apply, notifications of AI-matched jobs, and much more.</p>
<p>All applicants applying for U.S. job openings must be legally authorized to work in the United States. Benefits are available to contract/temporary professionals, including medical, vision, dental, and life and disability insurance. Hired contract/temporary professionals are also eligible to enroll in our company 401(k) plan. Visit <a href="https://roberthalf.gobenefits.net/" target="_blank">roberthalf.gobenefits.net</a> for more information.</p>
<p>© 2025 Robert Half. An Equal Opportunity Employer. M/F/Disability/Veterans. By clicking “Apply Now,” you’re agreeing to Robert Half’s <a href="https://www.roberthalf.com/us/en/terms">Terms of Use</a> and <a href="https://www.roberthalf.com/us/en/privacy">Privacy Notice</a>.</p>
- Oakland, CA
- remote
- Contract / Temporary to Hire
- 61.65 - 66.27 USD / Hourly
- 2026-02-10T21:53:42Z