Senior Application Security Engineer

Hippo

Hybrid

Quick summary

Work type: Hybrid
Location: San Jose, CAMorristown, NJ
Salary: $151,000–$226,250 / yr
Posted: 57 days ago
Nearby: 99+ roles within 25 mi

Market check

Salary context

Competitive pay

How this pay compares to similar roles

Similar $197k

This role $189k

$141k most similar roles pay here $241k

This role pays less than 59% of similar roles. Most pay $163,375–$231,081 — the shaded band above. At the midpoint, this role pays about $189k versus about $197k for comparable roles.

Based on 240 similar postings.

Employer

About Hippo

Hippo Insurance is a home insurance company that offers proactive home insurance products using smart home technology and data to help homeowners prevent claims before they happen. Industry: Insurance Technology & Homeowners Insurance

Hippo currently has 7 open roles on FindRole.

Most-posted roles

View all roles at Hippo

At a glance

TL;DR · Senior Application Security Engineer

Apply Now Log in to save

The Senior Application Security Engineer role at Hippo is a senior individual contributor position within the Cybersecurity team, focusing on driving application security outcomes across engineering. This expert will provide deep technical guidance and influence secure design decisions in areas like CI/CD pipelines, cloud environments, and identity systems, while independently resolving complex security challenges with broad organizational impact. Key responsibilities include threat modeling, risk assessment, mentoring engineers, and operationalizing automated security tooling. Ideal candidates have over six years of application security experience, strong knowledge of CIAM protocols, and proficiency in modern programming languages. Experience with cloud-native architectures, Kubernetes, and regulated environments is a plus.

Skills

OAuth2 OIDC SAML JWT MFA CI/CD Kubernetes SAST DAST SCA Python PostgreSQL AWS Azure GitHub Swagger RESTful APIs JSON Web Tokens OWASP Top 10 DevSecOps

What you'll do

Serve as a senior subject matter expert in application security, providing authoritative guidance.
Identify and assess application-centric security risks across code, CI/CD pipelines, identity systems, and cloud environments.
Independently own and drive resolution of complex application security challenges with broad organizational impact.
Apply threat modeling and adversarial thinking to inform defensive improvements and strengthen application resilience.
Mentor engineers and security partners, elevating application security maturity by embedding secure design principles.

What we're looking for

6+ years of experience in application security or product security roles.
Strong understanding and hands-on experience with CIAM, authentication protocols (OAuth2, OIDC, SAML, JWT).
Proven track record of improving application security outcomes across multiple teams and systems.
Deep expertise securing web applications, APIs, distributed systems, WAFs, and customer identity platforms.
Solid understanding of cloud-native architectures and CI/CD pipelines from an application risk perspective.
Experience designing or maintaining automated security tooling (SAST, DAST, SCA, secrets detection).
Proficiency in one or more modern programming languages.

Save