Job Details
Seeking an experienced App Sec engineer to join us in leveling up the software security practice. You will be working in a distributed product security engineering team, supporting development teams with application security expertise. You'll play a critical role in constantly improving the security posture for our fast-paced, rapidly-changing environment, ensuring the platform and our 400+ million users are protected. We are experts in many security domains, willing to teach and learn from anyone at the company.
location: Telecommute
job type: Contract
salary: $80 - 82 per hour
work hours: 9am to 5pm
education: Bachelors
responsibilities:
Have a real impact on long-term architectural improvements on one of our highest priority products that is used by our highest profile creators and brings in significant revenue.
Building and implementing services: aiding in designing and developing a new database access layer as well as extracting functionality from existing Rails models and services.
Untangling callbacks: the podcast and episode models, which contain a significant amount of business logic handled via callbacks, will be migrated towards a pub/sub model.
Migrating operations: Shifting Episode and Podcast (Create, Read, Update, Delete) operations to the new centralized CMS service.
The ideal candidate possesses deep expertise in Ruby on Rails and a proven track record of working with large-scale enterprise systems. A strong preference exists for candidates with experience directly related to monolith-to-microservices migration.
qualifications:
Application Security - 5+ years of hands-on technical experience with software security.
Security Frameworks - Strong knowledge of OWASP Top 10 for Web and API; experience with Mobile and LLM security frameworks is highly preferred.
Code Analysis (SAST) - Ability to read and analyze findings from SAST tools across multiple languages: Java, Python, Scala, C++, and TypeScript.
SAST Tool Tuning - Demonstrable experience with tuning SAST tools to reduce false positives and fit organizational needs. Experience writing QL queries for CodeQL is preferred.
Automation & Development - Comfortable writing code to integrate security tools and automate work using modern software development practices.
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.
At Randstad Digital, we welcome people of all abilities and want to ensure that our hiring and interview process meets the needs of all applicants. If you require a reasonable accommodation to make your application or interview experience a great one, please contact
Pay offered to a successful candidate will be based on several factors including the candidate's education, work experience, work location, specific job duties, certifications, etc. In addition, Randstad Digital offers a comprehensive benefits package, including: medical, prescription, dental, vision, AD&D, and life insurance offerings, short-term disability, and a 401K plan (all benefits are based on eligibility).
This posting is open for thirty (30) days.
It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.