SonicJobs Logo
Left arrow iconBack to search
  1. Home
  2. 10008, New York, NY
  3. Senior Application Security Engineer

Senior Application Security Engineer

Imprint
Posted 6 days ago, valid for 11 days
Location

New York, NY 10008, US

Salary

$170,000 - $220,000 per year

Contract type

Full Time

Paid Time Off
Flexible Spending Account

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.

Sonic Summary

info
  • Imprint is seeking a Senior Application Security Engineer with 5+ years of experience in cybersecurity, specifically focused on Application Security.
  • The role involves designing and implementing security best practices, conducting threat modeling, and collaborating with engineering teams to address vulnerabilities.
  • Candidates should have hands-on coding experience and familiarity with modern development stacks, as well as proficiency with SAST/DAST tools and cloud security services.
  • Imprint offers competitive compensation and equity packages, along with flexible paid time off and fully covered healthcare benefits.
  • This hybrid position allows for remote work with three days per week on-site in New York City, San Francisco, or Seattle.

Who We Are

Imprint is reimagining co-branded credit cards & financial products to be smarter, more rewarding, and truly brand-first. We partner with companies like Crate & Barrel, Rakuten, Booking.com, H-E-B, Fetch, and Brooks Brothers to launch modern credit programs that deepen loyalty, unlock savings, and drive growth. Our platform combines advanced payments infrastructure, intelligent underwriting, and seamless UX to help brands offer powerful financial products—without becoming a bank.

Co-branded cards account for over $300 billion in U.S. annual spend—but most are still powered by legacy banks. Imprint is the modern alternative: flexible, tech-forward, and built for today’s consumer. Backed by Kleiner Perkins, Thrive Capital, and Khosla Ventures, we’re building a world-class team to redefine how people pay—and how brands grow. If you want to work fast, solve hard problems, and make a real impact, we’d love to meet you.

The Team

The Security Engineering team at Imprint is foundational to ensuring the safety and trust of our customers, partners, and products. We are committed to developing a robust and scalable security program that protects our infrastructure, applications, and data from threats, all while enabling the company to innovate quickly and safely. By joining this fast growing FinTech startup, you’ll have a major impact on shaping the future of payments and card technology.

The Role
As a Senior Application Security Engineer, you’ll be a linchpin in ensuring our products and services are built securely from the ground up. You’ll design and implement security best practices within our applications, conduct robust testing, and empower engineering teams to proactively address vulnerabilities.

Location

This is a hybrid role, splitting your time between remote work and 3 days per week on-site at our New York City, San Francisco or Seattle offices

What You’ll Do

  • Conduct systematic threat modeling (e.g., leveraging the MITRE ATT&CK framework) to identify risks, define attack paths, and propose mitigations early in the development lifecycle.

  • Perform in-depth security architecture reviews to ensure applications and microservices follow secure design principles.

  • Collaborate with engineering teams to conduct code reviews, pinpoint vulnerabilities, and champion OWASP Top 10 best practices.

  • Integrate SAST and DAST into CI/CD pipelines, ensuring continuous and automated detection of security flaws.

  • Analyze testing reports and guide teams toward swift, effective remediation strategies.

  • Perform or coordinate targeted penetration tests on critical applications and systems.

  • Document findings and partner with engineers to implement sustainable fixes.

  • Advise on symmetric and asymmetric encryption mechanisms to safeguard data at rest and in transit.

  • Oversee secure key management, ensuring cryptographic libraries and protocols are properly utilized.

  • Develop and deliver training on secure coding fundamentals and OWASP principles.

  • Lead the “shift-left” security movement by embedding security considerations in early stages of development—a strong development background is required to effectively collaborate and coach.

  • Investigate and document application-focused security incidents.

  • Maintain and refine incident response playbooks, integrating lessons learned into ongoing improvements.

  • Align AppSec practices with PCI DSS, SOC 2, and relevant frameworks to support regulatory audits.

  • Work closely with Risk, Fraud, and Compliance teams to ensure continuous alignment between engineering, security, and business goals.

What We Look For

  • 5+ years in cybersecurity, specifically focused on Application Security.

  • Hands-on coding experience and familiarity with modern development stacks (e.g., microservices, REST APIs, containerized environments).

  • Proficiency with SAST/DAST tools, threat modeling methodologies (e.g., MITRE ATT&CK), cryptography concepts (key management, encryption standards), and cloud security services (AWS, GCP, or Azure).

  • Excellent communication, collaboration, and problem-solving skills in a fast-paced, cross-functional setting.

Nice To Have

  • Industry certifications (CISSP, CSSLP, OSCP, CEH)
    Experience with compliance frameworks (PCI DSS, SOC 2, ISO 27001).

  • Exposure to fintech/payments environments

Perks & Benefits

  • Competitive compensation and equity packages

  • Leading configured work computers of your choice

  • Flexible paid time off

  • Fully covered, high-quality healthcare, including fully covered dependent coverage

  • Additional health coverage includes access to One Medical and the option to enroll in an FSA

  • 20 weeks of paid parental leave for the primary caregiver and 8 weeks for all new parents

  • Access to industry-leading technology across all of our business units, stemming from our philosophy that we should invest in resources for our team that foster innovation, optimization, and productivity

Imprint is committed to a diverse and inclusive workplace. Imprint is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status. Imprint welcomes talented individuals from all backgrounds who want to build the future of payments and rewards. If you are passionate about FinTech and eager to grow, let’s move the world forward, together.



Learn more about this Employer on their Career Site

Apply now in a few quick clicks

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.

Logo
SonicJobs
Your next career move. Sorted.
Search jobsbackground image

Contact us

© 2017 - 2026 SonicJobs Inc. All rights reserved

Terms & Conditions | Privacy Policy | Browse Jobs