Application Security Engineer
Build and scale vulnerability management for blockchain financial products
As an Application Security Engineer at Figure, you will architect and implement end-to-end security solutions for blockchain-based financial products. You'll integrate security into CI/CD pipelines with DevOps, conduct security assessments and threat modeling, and ensure secure coding practices are embedded throughout the software development lifecycle. Your work will protect Figure's platform that has originated over $22 billion in home equit...
Why This Role?
Work on blockchain-native financial products used by hundreds of thousands of consumers and institutions
Key Responsibilities
- Architect and implement end-to-end security solutions including firewalls, intrusion detection, and encryption protocols
- Integrate security into CI/CD pipelines with DevOps for automated secure deployments
- Conduct regular security assessments, threat modeling, and vulnerability management
- Collaborate with Engineering, DevOps, and IT to embed secure coding practices into workflows
- Ensure security standards are met at every stage of the software development lifecycle
- Design and deploy cloud security controls and security event management systems
Requirements
- Strong background in reading and writing code
- Experience building and scaling vulnerability management programs
- Knowledge of secure coding practices and security standards
- Experience with cloud security controls and intrusion detection systems
- Ability to collaborate with Engineering, DevOps, and IT teams
- Familiarity with security event management and encryption protocols
Required Skills
Indonesia Context
- Working Hours Overlap:
- Flexible — work your own hours
Keywords
View Original Description from Greenhouse Boards
Original description from Greenhouse Boards
<p><strong>About Figure</strong></p> <p>Figure (NASDAQ: FIGR) is transforming capital markets through blockchain. We’re proving that blockchain isn’t just theory - it’s powering real products used by hundreds of thousands of consumers and institutions. </p> <p>By combining blockchain’s transparency and efficiency with AI-driven automation, we’ve reimagined how loans are originated, funded, and traded in secondary markets. From faster processing times to lower costs and reduced bias, our technology is helping borrowers, investors, and financial institutions achieve better outcomes.</p> <p>Together with our 170+ partners, we’ve originated over $22 billion in home equity loans (HELOCs) on our blockchain-native platform, making Figure the largest non-bank provider of home equity financing in the U.S. Figure’s ecosystem also includes YLDS, an SEC-registered yield-bearing stablecoin that operates as a tokenized money market fund, and several other products and platforms that are reshaping consumer finance and capital markets. </p> <p>We’re proud to be recognized as one of <a href="https://www.forbes.com/lists/fintech50/">Forbes’ Most Innovative Fintech Startups in 2025</a> and <a href="https://www.fastcompany.com/91269557/finance-personal-finance-most-innovative-companies-2025">Fast Company’s Most Innovative Companies in Finance and Personal Finance</a>.</p> <p><strong>About the Role</strong></p> <p>As an Application Security Engineer at Figure, you will be pivotal in the security of our software from the first line of code through deployment. You'll build and scale our vulnerability management program, embed secure coding practices into engineering workflows, and help ensure security standards are met at every stage of the software development lifecycle. We’re looking for a collaborative, hands-on engineer with a strong background in reading and writing code. You’ll partner closely with Engineering, DevOps, and IT to ensure our security processes are resilient, scalable, and seamlessly integrated into our workflows.</p> <p><strong>What You’ll Do</strong></p> <ul> <li>Architect, design, and implement end-to-end security solutions, including firewalls, intrusion detection, encryption protocols, security event management, and cloud security controls.</li> <li>Collaborate with DevOps to integrate security into CI/CD pipelines, ensuring automation and repeatability of secure deployments.</li> <li>Conduct regular security assessments, threat modeling, and architecture reviews to identify risks and design mitigations.</li> <li>Lead cross-team initiatives that significantly improve our security posture while balancing speed and innovation.</li> <li>Mentor engineers on security best practices and build a culture of security by design.</li> <li>Actively participate in incident response, on-call rotations, and post-incident reviews to continuously improve defenses.</li> </ul> <p><strong>What We Look For</strong></p> <ul> <li>Improve and run Figure's vulnerability management program including triage, prioritization, tracking remediation, and reporting on risk reduction over time.</li> <li>Collaborate with DevOps to integrate security gates at various points throughout the software development lifecycle, ensuring automation and repeatability of secure deployments.</li> <li>Manage third-party penetration tests, including scoping, vendor coordination, and tracking remediation of findings.</li> <li>Automate sources of toil, such as routine patching or dependency upgrades.</li> <li>Conduct threat modeling and security reviews for new features and services, partnering with engineering teams early in the design process.</li> <li>Conduct regular security assessments, threat modeling, and architecture reviews to identify risks and design mitigations.</li> <li>Lead cross-team initiatives that significantly improve our security posture while balancing speed and innovation.</li> <li>Actively participate in incident response, on-call rotations, and post-incident reviews to continuously improve defenses.</li> <li>Adhere to all company security policies and data handling procedures.</li> <li>Complete mandatory security awareness training within required timeframes.</li> <li>Promptly report any suspected security incidents or suspicious activity to the Security team.</li> </ul> <p class="p1"><strong>Salary</strong></p> <ul class="ul1"> <li class="li1">Base Compensation Range: $120,000-$154,440/yr</li> <li class="li1">25% annual bonus target, paid quarterly </li> <li class="li1">Company equity in the form of RSUs</li> </ul> <p>This is the compensation range for the role in the United States. Actual compensation may vary based on a candidate’s experience, skills, location, internal equity, and evolving business needs. While most offers are generally made within the middle of the range, final compensation is determined based on the factors above.</p> <p class="p1"><strong>Benefits</strong></p> <ul class="ul1"> <li class="li1">Comprehensive medical, dental, and vision coverage, with 100% employer-paid premiums for employees and their dependents on select plans<br data-start="2866" data-end="2869">Company HSA, FSA, Dependent Care FSA, 401(k), and commuter benefits<br data-start="2936" data-end="2939">Employer-paid life and disability insurance<br data-start="2982" data-end="2985">11 observed holidays and PTO plan<br data-start="3018" data-end="3021">Up to 12 weeks of paid family leave<br data-start="3056" data-end="3059">Continuing education reimbursement</li> </ul> <p>Depending on your residential location certain laws might regulate the way Figure manages applicant data. California Residents, please review our <a href="https://www.figure.com/ca-employee-privacy-notice/">California Employee</a> and <a href="https://www.figure.com/workforce-privacy-notice/">General Workforce Privacy Notice</a> for further information. By submitting your application, you are agreeing and acknowledging that you have read and understand the above notice.</p> <p>Figure will not sponsor work visas for this position. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.</p> <p>#LI-SB1 #LI-Hybrid</p>
Free account · no credit card · Log in
Pro $9/mo · unlimited applies + AI resume
Frequently asked questions
- Is Application Security Engineer at Figure a remote job?
- Yes. Application Security Engineer at Figure is a fully remote role open to candidates worldwide.
- What type of employment is Application Security Engineer at Figure?
- This is a full time position.
- How do I apply?
- Click the "Apply" button on this page to go to the official application at Figure.
Explore related
Market data & reports
Salary & skill-demand research built from our own listings data.
- Indonesia IT Jobs vs Global Remote (2026)Primary analysis of 2,049 listings: methodology, classification rules, downloadable datasets.
- AI-Skill Demand: Indonesia vs Global Remote (2026)10,000+ postings, taxonomy-first classifier, Wilson CIs, pre-registered before analysis.
- Indonesia Hiring Report: Tech vs Non-TechJob demand by field from aggregate open-job counts — never individual listings.
- Indonesia Salary BenchmarkAggregate salary ranges across roles, with open methodology and dataset.
- Indonesia Quarterly Labor Market ReportLayoffs, funding, salaries & skills per quarter — open aggregates.
- Remote Market Reports by RoleAuto-generated per role family — skills, seniority, companies, salary.
- Global Remote Salary BenchmarkAnnual salary by role & currency, plus the share of listings open worldwide.
From the blog
- Senior Tech Roles Remote Salaries June 2026In-depth analysis of 7 senior tech role remote salaries from Vercel, Airbnb, Stripe, to Notion. Compare with local market and negotiation strategies.
- Sourcing Specialist: The Complete GlobalCurious about becoming a remote Sourcing Specialist? Learn the essential skills, tools, and how to land a USD-paying job—no matter where you live.
- Remote Mobile Developer Jobs July 2026A roundup of USD-paying remote mobile developer jobs from Loker Dollar. Analyze trends and get application tips.
Free account · no credit card · Log in
Pro $9/mo · unlimited applies + AI resume
