Hippo Insurance Logo

Hippo Insurance

Senior Application Security Engineer

Reposted 7 Days Ago
Hybrid
Austin, TX
150K-250K Annually
Senior level
Hybrid
Austin, TX
150K-250K Annually
Senior level
The Senior Application Security Engineer drives application security outcomes, guiding secure design decisions, identifying risks, and mentoring teams across multiple projects.
The summary above was generated by AI

Title: Senior Application Security Engineer

Location: Austin, TX / Dallas, TX / San Francisco Bay Area, CA / Morristown, NJ (hybrid)

Reports To: Sr. Manager, Cybersecurity

About Hippo

Hippo exists to protect the joy of homeownership. We believe that insurance should protect the things you treasure through an intuitive, modern experience. We provide tailored insurance coverage and preventative maintenance plans that keep you protected throughout your homeowner journey. We’ll also help you find coverage for everything life brings—from auto to flood—reimagining how you care for your home.

About the Role

The Senior Application Security Engineer is a senior individual contributor responsible for driving application security outcomes across Hippo’s engineering organization. This role serves as a trusted subject matter expert in application security, providing deep technical guidance and influencing secure design decisions across multiple teams, products, and services.

This position is application-security–first, with intentional overlap into cloud and platform security where application code, identity, CI/CD pipelines, and infrastructure intersect. While the role does not own infrastructure, security programs, or formal departmental priorities, it is accountable for identifying application-centric risks and guiding high-impact security decisions through expertise, partnership, and advisory influence.

Operating with significant autonomy, the Senior Application Security Engineer independently owns complex and ambiguous security challenges end-to-end, ensuring outcomes align with business objectives and risk tolerance. This role emphasizes technical leadership, cross-functional collaboration, and mentorship rather than people management.

About You

You are a seasoned application security professional with deep technical expertise and strong judgment, trusted to guide complex security decisions in high-impact environments. You think adversarially, understand modern application architectures, and can clearly articulate risk tradeoffs to engineering, product, and security leadership.

You are comfortable operating independently in ambiguous situations, influencing outcomes through credibility and collaboration rather than formal authority. You communicate clearly, mentor others naturally, and help elevate application security maturity across teams by embedding secure design principles into everyday engineering practices.

What You'll Do:

  • Serve as a senior subject matter expert in application security, providing authoritative guidance on secure design, authentication, identity flows, API security, and cloud-native application risks.
  • Act as a trusted security advisor during architecture reviews, design discussions, and risk assessments across multiple teams and services.
  • Identify, assess, and clearly communicate application-centric security risks across application code, CI/CD pipelines, identity systems, and cloud environments.
  • Independently own and drive resolution of complex and ambiguous application security challenges with broad organizational impact.
  • Apply threat modeling, attack-path analysis, and adversarial thinking to inform defensive improvements and strengthen application resilience.
  • Contribute technically to broader security programs by shaping standards, best practices, secure patterns, and technical guidance.
  • Support security incidents and targeted threat-hunting efforts by providing application security expertise, root-cause analysis, and remediation guidance.
  • Design, improve, and help operationalize automated security tooling and pipelines (e.g., SAST, DAST, SCA, secrets detection).
  • Mentor engineers and security partners across teams, acting as a force multiplier to improve secure design and decision-making at scale.
  • Communicate risks, recommendations, and standards clearly to senior engineers and security leadership to influence technical direction.

Must Haves:

  • 6+ years of experience in application security or product security roles.
  • Demonstrated impact improving application security outcomes across multiple teams, systems, or business domains.
  • Deep experience securing web applications, APIs, distributed systems, WAFs, and customer identity platforms.
  • Strong understanding of authentication and identity protocols (OAuth2, OIDC, SAML, JWT, MFA).
  • Proven ability to review system designs, data flows, and identify architectural security risks.
  • Solid understanding of cloud-native application architectures and CI/CD pipelines from an application risk perspective.
  • Experience designing or maintaining automated security tooling and pipelines (SAST, DAST, SCA, secrets detection).
  • Proficiency in one or more modern programming languages.

Nice to Have:

  • Experience threat modeling or assessing AI-powered features and LLM integrations.
  • Application-focused penetration testing or adversarial security testing experience.
  • Familiarity with Kubernetes, container security, and infrastructure-as-code as they relate to application security.
  • Experience operating in regulated environments.
  • Relevant security certifications (e.g., OSWE, GWAPT, CSSLP).

Benefits and Perks:

Hippo treats its team members with the same level of dedication and care as we do our customers, which is why we’re fortunate to provide all of our Hippos with: 

  • Healthy Hippos Benefits - Multiple medical plans to choose from and 100% employer covered dental & vision plans for our team members and their families. We also offer a 401(k)-retirement plan, short & long-term disability, employer-paid life insurance, Flexible Spending Accounts (FSA) for health and dependent care, and an Employee Assistance Program (EAP)
  • Equity - This position is eligible for equity compensation 
  • Training and Career Growth - Training and internal career growth opportunities
  • Flexible Time Off - You know when and how you should recharge
  • Little Hippos Program - We offer 12 weeks of parental leave for primary and secondary caregivers
  • Hippo Habitat - Snacks and drinks available and catered lunches for onsite employees

Hippo is an equal opportunity employer, and we are committed to building a team culture that celebrates diversity and inclusion. Hippo’s applicants are considered solely based on their qualifications, without regard to an applicant’s disability or need for accommodation. Any Hippo applicant who requires reasonable accommodations during the application process should contact the Hippo’s People Team to make the need for an accommodation known. 

Similar Jobs

Yesterday
In-Office or Remote
USA
Senior level
Senior level
eCommerce • Information Technology • Software
The Senior Application Security Engineer ensures the security of systems and data by monitoring vulnerabilities, responding to incidents, and promoting security best practices within the organization.
Top Skills: Aws CloudCloudflareDockerDynamoDBGitlabKubernetesLaravelMySQLNode.jsPHPServerless FrameworkSysdigVantaVue
36 Minutes Ago
Easy Apply
Remote or Hybrid
United States
Easy Apply
113K-145K Annually
Junior
113K-145K Annually
Junior
Artificial Intelligence • Cloud • Computer Vision • Hardware • Internet of Things • Software
Pre-sales Sales Engineer supporting Public Sector mid-market customers by demonstrating Samsara IoT solutions, running demos and proofs-of-concept, advising on hardware installation and data collection, building integrations via open APIs and scripting, and acting as the technical liaison between product and sales to drive adoption and upsell.
Top Skills: AIArduinoBashCan BusCloud SoftwareCloud-Connected HardwareComputer NetworkingComputer VisionIotJavaScriptOpen ApiPower Take Off (Pto)PythonRaspberry Pi
37 Minutes Ago
Hybrid
72K-98K Annually
Mid level
72K-98K Annually
Mid level
Artificial Intelligence • Fintech • Software
Support and enable partner implementers by troubleshooting, onboarding, shadowing, training, and creating enablement materials. Maintain module subject-matter expertise, perform quarterly low-complexity customer implementations, and align with Professional Services for methodology and best practices.
Top Skills: Customer Success/Experience SystemsFloqastLearning Management SystemsMonth-End Close SoftwareSalesforce

What you need to know about the Charlotte Tech Scene

Ranked among the hottest tech cities in 2024 by CompTIA, Charlotte is quickly cementing its place as a major U.S. tech hub. Home to more than 90,000 tech workers, the city’s ecosystem is primed for continued growth, fueled by billions in annual funding from heavyweights like Microsoft and RevTech Labs, which has created thousands of fintech jobs and made the city a go-to for tech pros looking for their next big opportunity.

Key Facts About Charlotte Tech

  • Number of Tech Workers: 90,859; 6.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Lowe’s, Bank of America, TIAA, Microsoft, Honeywell
  • Key Industries: Fintech, artificial intelligence, cybersecurity, cloud computing, e-commerce
  • Funding Landscape: $3.1 billion in venture capital funding in 2024 (CED)
  • Notable Investors: Microsoft, Google, Falfurrias Management Partners, RevTech Labs Foundation
  • Research Centers and Universities: University of North Carolina at Charlotte, Northeastern University, North Carolina Research Campus

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account