About the role:
We're looking for a Senior Security Engineer with deep expertise in application security to contribute to efforts across Samsara's product and corporate environments. You will be responsible for the execution of a number of company-wide initiatives, including topics related to secure software development, vulnerability management, secure code analysis, threat modeling, and bug bounty operations. As a senior contributor, you will partner with engineering and product teams to identify and mitigate security risks early in the development lifecycle and drive secure-by-default practices across our tech stack.
This is a highly visible role that will require a mix of hands-on technical expertise and strategic influence. You'll help shape the future of application security at Samsara, acting as a subject matter expert in Python and Go security and running detailed threat modeling sessions for both production systems and internal tooling.
At Samsara, we value working backwards from outcomes. Your ability to define success, influence across domains, and deliver practical solutions that scale with the business is pivotal.
You should apply if:
- You want to impact the industries that run our world: Your efforts will result in real-world impact, helping to keep the lights on, get food into grocery stores, reduce emissions, and most importantly, ensure workers return home safely.
- You are the architect of your own career: If you put in the work, this role won't be your last at Samsara. We set up our employees for success and have built a culture that encourages rapid career development and countless opportunities to experiment and master your craft in a hyper-growth environment.
- You're energized by our opportunity: The vision we have to digitize large sectors of the global economy requires your full focus and best efforts to bring forth creative, ambitious ideas for our customers.
- You want to be with the best: At Samsara, we win together, celebrate together, and support each other. You will be surrounded by a high-caliber team that will encourage you to do your best.
In this role, you will:
- Participate in expanding Samsara's enterprise-wide application security strategy, covering both product and internal systems.
- Collaborate on the design and implementation of scalable security controls, including static code analysis (SAST), software composition analysis (SCA), and secret scanning pipelines.
- Perform in-depth threat models of critical systems and features, working with engineering and infrastructure teams to mitigate identified risks.
- Act as a subject matter expert in Python and Go security practices: reviewing code, building secure patterns, and educating engineers across the business.
- Partner with developers to remediate high-impact vulnerabilities and build preventative controls that reduce recurring risk.
- Participate in our responsible disclosure and bug bounty program.
- Influence the design and implementation of secure CI/CD practices, including shift-left testing, developer feedback loops, and supply chain integrity.
- Contribute to the Security Engineering team's technical strategy, roadmap planning, and engineering culture.
- Champion, role model, and embed Samsara's cultural principles (Focus on Customer Success, Build for the Long Term, Adopt a Growth Mindset, Be Inclusive, Win as a Team) as we scale globally and across new offices.
Minimum Requirements:
- 4-6 years of experience in application security, product security, or a related security engineering field.
- Strong experience in at least one programming language, including deep familiarity with Python or Go security best practices.
- Demonstrated ability to perform and lead threat modeling exercises and translate risks into actionable recommendations.
- Experience with SAST/SCA tools such as Semgrep, CodeQL, or Snyk, and integrating them into developer workflows.
- Hands-on knowledge of vulnerability management tools and workflows, including triage, remediation, and reporting practices.
- Familiarity with modern CI/CD practices and experience embedding security testing into development pipelines.
- Strong collaboration and communication skills, with experience partnering across teams and disciplines.
- Working knowledge of cloud environments (especially AWS) and infrastructure-as-code practices (Terraform preferred).
An ideal candidate also has:
- Experience managing application security within a regulated or compliance-heavy environment (e.g., FedRAMP, SOC 2).
- Familiarity with Tines, AWS Lambda, or similar automation tools for orchestrating security workflows.
- Contributions to open source security tooling or thought leadership in the AppSec community.
- Experience defining internal security standards or secure coding guidelines at scale.
Required Experience:
Senior IC