opengreenhousebaincapitalventures
Application Security Engineer
SmartRent
LocationPhoenix, Arizona
Last observed2026-06-24 08:29:23.464799
Job idbaincapitalventures-smartrent:greenhouse:5982565004
Who We Are SmartRent (NYSE: SMRT) is revolutionizing how people live and work with the industry’s only end-to-end platform designed for the rental housing industry. By uniting purpose-built software, integrated hardware and full implementation and support in one ecosystem, we help owners and operators simplify operations, cut costs and deliver exceptional resident experiences. Recognized by Deloitte, HousingWire and the PropTech Breakthrough Awards, SmartRent is shaping the future of property technology and redefining what it means to make rental housing smarter. Job Description The Application Security Engineer is responsible for supporting the security and privacy of the SmartRent platform through the management of information security risk, system resilience, and compliance activities. This role uses cloud-native and third-party security tools to protect company assets and data across multiple platforms. This role partners with engineering, development, and external stakeholders to implement and maintain security policies, processes, and standards, including secure software development lifecycle (SDLC) practices. Success in this role requires strong communication skills, the ability to coordinate across multiple technical teams, and the ability to support consistent security practices across the organization. Responsibilities Develop and execute a comprehensive application security strategy aligned with business objectives and industry standards. Maintain and advise on secure coding standards, security documentation, and application security processes. Deliver application security and privacy training for development teams. Review source code to identify security vulnerabilities, insecure patterns, secrets exposure, and risks associated with AI-generated code. Triage, reproduce, and support remediation of application vulnerabilities (e.g., SQL injection, XSS, access control weaknesses) identified through automated tools (SAST, DAST, SCA) or manual analysis. Manage application security workflows, including task prioritization, ticket tracking, and coordination with development and DevOps teams. Maintain and enhance SmartRent’s responsible disclosure and vulnerability reporting program. Partner with developers to implement encryption, hashing, and secure key management practices. Collaborate with developers and engineering teams to perform threat modeling, identify attack paths, and assess weaknesses. Lead the investigation and mitigation of application-level security incidents, collaborating with the SOC and engineering teams to ensure rapid remediation and stakeholder communication. Provide guidance on security and privacy controls for cloud infrastructure (AWS), application development, and IoT hardware. Conduct regular application risk assessments to identify vulnerabilities and emerging threats. Research emerging cybersecurity risks and recommend mitigation strategies as appropriate. Perform adversarial testing and security validation of applications, including internal AI models and services. Use cloud-native security tools to identify and secure large language model (LLM) integrations and implement appropriate security guardrails. Required Qualifications 4–6 years of experience in application security, including development and maintenance of security policies and collaboration with engineering and release teams. Experience identifying and remediating application vulnerabilities across modern programming languages, including Elixir, JavaScript, Ruby, Python, or similar languages. Strong knowledge of OWASP Top 10, OWASP API Top 10, and modern authentication mechanisms, including JWT and OAuth. Hands-on experience with application security tools, including SAST, DAST, and SCA platforms (e.g., GHAS, Burp Suite, Fortra, or similar tools). Experience working with cloud security controls, including AWS-native tools, web application firewalls (WAF), or similar technologies. Experience managing or supporting vulnerability disc
This page is generated from the committed OpenOpps static snapshot. Use the source posting or apply link for the employer's current canonical posting state.