Note: The job is a remote job and is open to candidates in USA. NinjaTrader is an industry-leading trading platform and futures broker, committed to empowering traders with cutting-edge products and services. They are seeking a Staff Security Engineer, Application Security to help scale and mature their security program, ensuring systems are secure by design and driving meaningful impact through automation and secure design.
Responsibilities
- Own key security domains such as vulnerability management, application security, API security, and supply chain security
- Drive improvements in security coverage, prioritization, and remediation workflows
- Partner with engineering teams to integrate security into design reviews, threat modeling, CI/CD pipelines, and developer workflows
- Provide actionable, pragmatic guidance that helps teams ship securely
- Develop and improve security tooling and automation to reduce manual effort
- Implement and tune tools for SAST, SCA, DAST, dependency security, and container security
- Leverage AI/LLMs where appropriate to improve triage, detection, and review processes
- Triage and prioritize vulnerabilities using risk-based approaches
- Partner with teams to ensure timely remediation of critical issues
- Help define and improve SLAs, metrics, and reporting
- Conduct threat modeling, design reviews, and security assessments
- Contribute to incident response and postmortems for security events
- Identify and help remediate systemic risks
Skills
- 7+ years of experience in Application Security, Product Security, or Security Engineering
- Strong hands-on experience with threat modeling and secure design
- Experience with vulnerability management and application security tooling
- Experience working in cloud-native environments such as AWS and GCP
- Experience integrating security into CI/CD pipelines and developer workflows
- Ability to write code in Python, Go, or similar languages for automation and tooling
- Strong ability to work cross-functionally with engineering teams
- Experience scaling security in a high-growth or late-stage startup
- Familiarity with AI-driven security workflows or automation
- Background in API security, data protection, or multi-tenant systems
- Experience with bug bounty programs and penetration testing
- Security certifications such as CISSP
Benefits
- Annual target bonus of 12%. Bonus pay at NinjaTrader is based on individual performance (50%) as well as company/team performance (50%)
- 401K plan through ADP under which the company will match up to 3.5% of employee contributions
- Annual paid time off allowance accrues at a rate of 23 days per year (some positions may qualify for more) plus seven paid holidays
- Remote flexibility for exceptional candidates in the following states: California, Colorado, Florida, Georgia, Illinois, Indiana, Minnesota, Missouri, Montana, New Jersey, New York, North Carolina, Ohio, Oregon, Pennsylvania, South Carolina, Texas, Utah, Vermont, Virginia, Washington, Washington DC, Wisconsin
- Hybrid work schedule: In-office Tuesday through Thursday, with remote work on Mondays and Fridays
- 20 additional flex remote days annually
- 5 Company Wide Office-Optional weeks tied to major holidays
- Generous PTO
- 7 Paid Holidays Annually + 5 Conditional Holidays Annually
- 1 Service Day Annually
- 401k with 3.5% Company Match
- Paid Parental Bonding Leave
- Health, Vision, Dental Coverage
- Life and Disability Insurance Covered 100% by NinjaTrader
Company Overview
Company H1B Sponsorship