Skip to main content
Back to Jobs

Application Security Engineer

Build and scale vulnerability management for blockchain financial products

As an Application Security Engineer at Figure, you will architect and implement end-to-end security solutions for blockchain-based financial products. You'll integrate security into CI/CD pipelines with DevOps, conduct security assessments and threat modeling, and ensure secure coding practices are embedded throughout the software development lifecycle. Your work will protect Figure's platform that has originated over $22 billion in home equit...

Why This Role?

Work on blockchain-native financial products used by hundreds of thousands of consumers and institutions

Key Responsibilities

  • Architect and implement end-to-end security solutions including firewalls, intrusion detection, and encryption protocols
  • Integrate security into CI/CD pipelines with DevOps for automated secure deployments
  • Conduct regular security assessments, threat modeling, and vulnerability management
  • Collaborate with Engineering, DevOps, and IT to embed secure coding practices into workflows
  • Ensure security standards are met at every stage of the software development lifecycle
  • Design and deploy cloud security controls and security event management systems

Requirements

  • Strong background in reading and writing code
  • Experience building and scaling vulnerability management programs
  • Knowledge of secure coding practices and security standards
  • Experience with cloud security controls and intrusion detection systems
  • Ability to collaborate with Engineering, DevOps, and IT teams
  • Familiarity with security event management and encryption protocols

Required Skills

securitydevopscloud securitythreat modelingvulnerability managementApplication SecurityCI/CD SecuritySecure Coding

Indonesia Context

Working Hours Overlap:
Flexible — work your own hours
See remote (USD) vs local pay →

Keywords

application security engineerblockchain securityvulnerability managementCI/CD securitythreat modelingsecure codingcloud securityfinancial technology
View Original Description from Greenhouse Boards

Original description from Greenhouse Boards

<p><strong>About Figure</strong></p> <p>Figure (NASDAQ: FIGR) is transforming capital markets through blockchain. We’re proving that blockchain isn’t just theory - it’s powering real products used by hundreds of thousands of consumers and institutions.&nbsp;</p> <p>By combining blockchain’s transparency and efficiency with AI-driven automation, we’ve reimagined how loans are originated, funded, and traded in secondary markets. From faster processing times to lower costs and reduced bias, our technology is helping borrowers, investors, and financial institutions achieve better outcomes.</p> <p>Together with our 170+ partners, we’ve originated over $22 billion in home equity loans (HELOCs) on our blockchain-native platform, making Figure the largest non-bank provider of home equity financing in the U.S. Figure’s ecosystem also includes YLDS, an SEC-registered yield-bearing stablecoin that operates as a tokenized money market fund, and several other products and platforms that are reshaping consumer finance and capital markets.&nbsp;</p> <p>We’re proud to be recognized as one of <a href="https://www.forbes.com/lists/fintech50/">Forbes’ Most Innovative Fintech Startups in 2025</a> and <a href="https://www.fastcompany.com/91269557/finance-personal-finance-most-innovative-companies-2025">Fast Company’s Most Innovative Companies in Finance and Personal Finance</a>.</p> <p><strong>About the Role</strong></p> <p>As an Application Security Engineer at Figure, you will be pivotal in the security of our software from the first line of code through deployment. You'll build and scale our vulnerability management program, embed secure coding practices into engineering workflows, and help ensure security standards are met at every stage of the software development lifecycle. We’re looking for a collaborative, hands-on engineer with a strong background in reading and writing code. You’ll partner closely with Engineering, DevOps, and IT to ensure our security processes are resilient, scalable, and seamlessly integrated into our workflows.</p> <p><strong>What You’ll Do</strong></p> <ul> <li>Architect, design, and implement end-to-end security solutions, including firewalls, intrusion detection, encryption protocols, security event management, and cloud security controls.</li> <li>Collaborate with DevOps to integrate security into CI/CD pipelines, ensuring automation and repeatability of secure deployments.</li> <li>Conduct regular security assessments, threat modeling, and architecture reviews to identify risks and design mitigations.</li> <li>Lead cross-team initiatives that significantly improve our security posture while balancing speed and innovation.</li> <li>Mentor engineers on security best practices and build a culture of security by design.</li> <li>Actively participate in incident response, on-call rotations, and post-incident reviews to continuously improve defenses.</li> </ul> <p><strong>What We Look For</strong></p> <ul> <li>Improve and run Figure's vulnerability management program including triage, prioritization, tracking remediation, and reporting on risk reduction over time.</li> <li>Collaborate with DevOps to integrate security gates at various points throughout the software development lifecycle, ensuring automation and repeatability of secure deployments.</li> <li>Manage third-party penetration tests, including scoping, vendor coordination, and tracking remediation of findings.</li> <li>Automate sources of toil, such as routine patching or dependency upgrades.</li> <li>Conduct threat modeling and security reviews for new features and services, partnering with engineering teams early in the design process.</li> <li>Conduct regular security assessments, threat modeling, and architecture reviews to identify risks and design mitigations.</li> <li>Lead cross-team initiatives that significantly improve our security posture while balancing speed and innovation.</li> <li>Actively participate in incident response, on-call rotations, and post-incident reviews to continuously improve defenses.</li> <li>Adhere to all company security policies and data handling procedures.</li> <li>Complete mandatory security awareness training within required timeframes.</li> <li>Promptly report any suspected security incidents or suspicious activity to the Security team.</li> </ul> <p class="p1"><strong>Salary</strong></p> <ul class="ul1"> <li class="li1">Base Compensation Range: $120,000-$154,440/yr</li> <li class="li1">25% annual bonus target, paid quarterly&nbsp;</li> <li class="li1">Company equity in the form of RSUs</li> </ul> <p>This is the compensation range for the role in the United States. Actual compensation may vary based on a candidate’s experience, skills, location, internal equity, and evolving business needs. While most offers are generally made within the middle of the range, final compensation is determined based on the factors above.</p> <p class="p1"><strong>Benefits</strong></p> <ul class="ul1"> <li class="li1">Comprehensive medical, dental, and vision coverage, with 100% employer-paid premiums for employees and their dependents on select plans<br data-start="2866" data-end="2869">Company HSA, FSA, Dependent Care FSA, 401(k), and commuter benefits<br data-start="2936" data-end="2939">Employer-paid life and disability insurance<br data-start="2982" data-end="2985">11 observed holidays and PTO plan<br data-start="3018" data-end="3021">Up to 12 weeks of paid family leave<br data-start="3056" data-end="3059">Continuing education reimbursement</li> </ul> <p>Depending on your residential location certain laws might regulate the way Figure manages applicant data. California Residents, please review our <a href="https://www.figure.com/ca-employee-privacy-notice/">California Employee</a> and <a href="https://www.figure.com/workforce-privacy-notice/">General Workforce Privacy Notice</a>&nbsp;for further information.&nbsp;By submitting your application, you are agreeing&nbsp; and&nbsp;acknowledging&nbsp;that you have read and understand the above notice.</p> <p>Figure will not sponsor work visas for this position. In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.</p> <p>#LI-SB1 #LI-Hybrid</p>

Track this application + get match alerts

Free account · no credit card · Log in

Pro $9/mo · unlimited applies + AI resume

Company
Figure
Source
Greenhouse Boards
Job Type
full time
Location
Remote · Open worldwide
Category
Seniority
mid
PostedFresh
Jul 9, 2026

Share this job

Help a friend find their next remote role.

Frequently asked questions

Is Application Security Engineer at Figure a remote job?
Yes. Application Security Engineer at Figure is a fully remote role open to candidates worldwide.
What type of employment is Application Security Engineer at Figure?
This is a full time position.
How do I apply?
Click the "Apply" button on this page to go to the official application at Figure.

Explore related

Market data & reports

Salary & skill-demand research built from our own listings data.

From the blog

Track this application + get match alerts

Free account · no credit card · Log in

Pro $9/mo · unlimited applies + AI resume