
OneStream Software · 3 days ago

Senior AppSec Engineer

OneStream Software is a company that empowers finance teams to unify financial and operational data. The Senior Application Security Engineer will play a key role in securing the OneStream platform by defining secure coding practices, performing application security testing, and collaborating with engineering teams on security design.
Artificial Intelligence (AI), Finance, Software, Information Technology, Financial Services
Growth Opportunities
No H1B

Responsibilities

Perform manual and automated application security testing to identify vulnerabilities across the OneStream platform
Conduct code analysis to assess and ensure the security of application code
Evaluate the software development lifecycle (SDLC) to identify opportunities to strengthen application and supply chain security
Partner with Development and Engineering teams to embed security into OneStream services and workflows
Collaborate with members of the Security team to identify attack patterns and indicators of compromise
Design, develop, and maintain custom security testing tools to support internal testing efforts
Define, document, and enforce secure development policies, standards, and procedures
Provide mentorship and technical guidance to junior members of the Security team to support growth and knowledge sharing
Document, communicate, and report security findings and risks identified during testing activities
Perform penetration testing against OneStream assets to validate application and infrastructure security
Conduct security architecture and design reviews to ensure secure-by-design implementations
Provide secure design and secure coding guidance to engineering teams throughout the development lifecycle

Qualification

Application Security Testing, Penetration Testing, C#.NET, Threat Modeling, Secure Coding Practices, Security Architecture Reviews, Offensive Security Certifications, Analytical Skills, Multitasking Skills, Communication Skills, Self-Motivated

Required

Bachelor's degree in Computer Science, Engineering, or a related field with 8+ years of experience in application security testing, penetration testing, or software development; or
Master's degree in Computer Science, Engineering, or a related field with 3+ years of experience in application security testing, penetration testing, or software development; or
Associate degree in Computer Science, Engineering, or a related field with 12+ years of experience in application security testing, penetration testing, or software development
3+ years of hands-on experience conducting threat modeling for applications and systems and translating findings into actionable remediation guidance

Preferred

Experience writing and reviewing C# and .NET code, including secure coding and code review practices
Hands-on experience performing penetration testing of web applications
Experience decompiling and reverse engineering .NET libraries
Broad experience across IT security and infrastructure, security risk management, and compliance frameworks such as SOC 2 and FedRAMP, including security policies, procedures, testing, auditing, and internal audit
Industry-recognized offensive security or penetration testing certifications, such as Offensive Security Certified Professional (OSCP), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), GIAC Penetration Tester (GPEN), or other relevant offensive security or penetration testing certifications
Outstanding written and verbal communication skills, with the ability to clearly explain complex technical concepts to both technical and non-technical audiences

Benefits

Vision
Medical
Life
Dental
401K
Excellent Medical Plan
Dental & Vision Insurance
Life Insurance
Short & Long Term Disability
Vacation Time
Paid Holidays
Professional Development
Retirement Plan

Company

OneStream Software

OneStream Software is an independent software company that develops financial planning and analysis software.

Funding

Current Stage: Public Company
Total Funding: $665M
Key Investors: D1 Capital Partners
2026-01-06: Private Equity
2026-01-06: Acquired
2024-11-14: Post-IPO Secondary · $465M

Leadership Team

Tom Shea
Chief Executive Officer
Craig Colby
President - Co-founder
Company data provided by crunchbase