Senior Application Security Engineer

Responsibilities

• Conduct threat modeling and security reviews for distributed cloud-native systems
• Perform security code reviews, static/dynamic analysis (SAST/DAST), and dependency scanning
• Partner with developers and QA engineers to embed security testing into CI/CD pipelines
• Review architecture and design documents to identify and mitigate risks early
• Stay current on evolving security risks, including AI/ML-specific threats like prompt injection and model poisoning
• Advocate for secure coding practices through workshops, documentation, and code reviews
• Contribute to security automation initiatives and internal security standards

Requirements

• Bachelor's degree in Computer Science, Cybersecurity, or a related field
• 2-4 years of experience in Application Security, DevSecOps, or Secure Software Development
• Strong understanding of OWASP Top 10 and SANS CWE Top 25
• Experience with frameworks such as React, Node.js, Django, or FastAPI
• Knowledge of securing APIs, microservices, and authentication (OAuth2, OIDC, JWT)
• Experience with cloud platforms (AWS, GCP, or Azure) and containerization (Docker, Kubernetes)
• Proficiency with security testing tools such as Semgrep, SonarQube, Burp Suite, or Zap

Preferred Qualifications

• Familiarity with AI/ML security concepts such as data poisoning and adversarial testing
• Experience with automation frameworks and scripting for security testing
• Relevant security certifications (e.g., OSCP, GWAPT, CSSLP)

About the Company

Zeta Global is a NYSE-listed data-powered marketing technology company that combines massive proprietary datasets with Artificial Intelligence to unlock consumer intent and personalize experiences. Operating at scale, Zeta powers real-time marketing platforms for some of the world's leading brands.