Demo
Salary Resume Critique Job Openings

Sr. Staff Application Security Engineer

Aurora
San Francisco, CA Full Time
POSTED ON 2/9/2025
AVAILABLE BEFORE 5/9/2025

Who We Are

Aurora’s mission is to deliver the benefits of self-driving technology safely, quickly, and broadly to make transportation safer, increasingly accessible, and more reliable and efficient than ever before. The Aurora Driver will create a new era in mobility and logistics, one that will bring a safer, more efficient, and more accessible future to everyone.

At Aurora, you'll solve massively complex problems alongside other passionate, smart people, growing as an expert while broadening your field of knowledge. Aurora hires talented people with diverse backgrounds who are ready to help build a transportation ecosystem that will make our roads safer, get crucial goods where they need to go, and make mobility more efficient and accessible for all. Aurora’s Product Security team’s mission is to discover, mitigate, and prevent security risks in the software, hardware, and services developed by Aurora. Our team is responsible for ensuring the secure design and implementation of the technology built for the Aurora Driver as well as continually improving the assurance levels of security across all of Aurora’s Products. We are searching for an experienced Security Engineer with strong application security experience that is excited to lead and improve the overall application security posture for the autonomous vehicle platform to join us on this mission.

In this role, you will

  • Perform secure design reviews and threat modeling. Identify and prioritize risks, attack surfaces, and vulnerabilities.
  • Perform security code reviews of source code changes and advise developers on remediating vulnerabilities and following secure coding practices.
  • Perform technical security assessments and reviews, research, uncover, and reproduce vulnerabilities, design secure protocols and systems, and write tests and fuzzers to drive architecture changes.
  • Manage the vulnerability management process and program through triage, prioritization, tracking, remediation, and validation of vulnerabilities from audits, scans and external reports.
  • Employ techniques including reverse engineering, fuzzing, and static and / or dynamic analysis.
  • Conduct research to identify new and novel attack vectors against Aurora’s products and services.
  • Review, develop and document secure operational best practices, and provide security guidance for engineers and various internal and external partners.
  • Develop and manage a secure software development lifecycle.
  • Develop and manage a bug bounty program.
  • Research, recommend, and develop security tools and technologies to strengthen defenses against emerging threats and vulnerabilities.
  • Work with Engineering teams and OEMs to ensure successful security assurance of the Aurora Driver platform and services.
  • Advocate, guide and mentor both security and non-security engineers to instill security best practices through secure architecture, design, and development.

Required Qualifications

  • Ability and desire to write production-quality code in C , Golang, or Python.
  • Foundational knowledge of operating system security for Linux.
  • Foundational knowledge of the CWE Top 25.
  • Ability to assess software and / or hardware components with and without full knowledge.
  • Ability to work well with other assessment members and engineering partners.
  • Ability to communicate effectively with technical and non-technical audiences.
  • Experience in one or more of the following : risk assessment, threat modeling, incident and emergency response, OS hardening, vulnerability management, pentesting, offensive security or cryptographic protocols and concepts.
  • Experience in vulnerability discovery and analysis, design review, and code-level security reviews.
  • Experience in, and technical knowledge of security engineering, computer and network security, authentication and security protocols, and applied cryptography.
  • Experience with assessment, development, implementation, and documentation of a comprehensive and broad set of security technologies and processes.
  • Familiarity with automotive protocols and security standards.
  • Experience in Security Assurance / Secure-SDLC processes in an agile / waterfall environment.
  • Experience building and evaluating threat models / risk assessments.
  • Experience and ability to implement best practices related to cryptographic protocols, infrastructure and network security.
  • Minimum 8 years of experience in a security-specific or security-adjacent industry.
  • Minimum 2 years of experience in the robotics or automotive industry or equivalent.

    • Desirable Qualifications

  • Relevant work experience in offensive security, penetration testing or red teaming.
  • Experience implementing various Defense in Depth Strategies to address dynamic threats across various software and hardware stacks.
  • Experience evaluating the security of software, hardware and services.
  • Foundational knowledge of embedded firmware security and hardware security, preferably in the robotics or automotive space.
  • Familiarity with cloud security (AWS) and infrastructure-as-code.
  • Familiarity with Trusted Platform Modules, HSMs, and trusted boot.
  • A history of giving back to the security industry via open source contributions, published papers, or conference presentations.

    • The base salary range for this position is $254k-$407K per year. Aurora’s pay ranges are determined by role, level, and location. Within the range, the successful candidate’s starting base pay will be determined based on factors including job-related skills, experience, qualifications, relevant education or training, and market conditions. These ranges may be modified in the future. The successful candidate will also be eligible for an annual bonus, equity compensation, and benefits.

    Aurora considers candidates without regard to their race, color, religion, national origin, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, pregnancy status, parent or caregiver status, ancestry, political affiliation, veteran and / or military status, physical or mental disability, or any other status protected by federal or state law. Aurora considers qualified applicants with criminal histories, consistent with applicable federal, state, and local law. We are also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at careersiteaccommodations@aurora.tech.

    To learn more about life at Aurora please visit our company culture page.

    J-18808-Ljbffr

    Salary : $254,000 - $407,000

    If your compensation planning software is too rigid to deploy winning incentive strategies, it’s time to find an adaptable solution. Compensation Planning
    Enhance your organization's compensation strategy with salary data sets that HR and team managers can use to pay your staff right. Surveys & Data Sets

    What is the career path for a Sr. Staff Application Security Engineer?

    Sign up to receive alerts about other jobs on the Sr. Staff Application Security Engineer career path by checking the boxes next to the positions that interest you.
    Income Estimation: 
    $88,984 - $115,784
    Income Estimation: 
    $111,369 - $141,168
    Income Estimation: 
    $117,871 - $153,580
    Income Estimation: 
    $109,939 - $144,341
    Income Estimation: 
    $114,500 - $144,633
    Income Estimation: 
    $70,462 - $84,818
    Income Estimation: 
    $77,991 - $108,747
    Income Estimation: 
    $87,093 - $107,335
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $87,093 - $107,335
    Income Estimation: 
    $111,725 - $147,313
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $112,673 - $137,290
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $140,233 - $181,029
    Income Estimation: 
    $161,209 - $233,553
    Income Estimation: 
    $139,945 - $168,577
    Income Estimation: 
    $164,835 - $201,088
    Income Estimation: 
    $135,994 - $168,063
    Income Estimation: 
    $161,209 - $233,553
    Employees: Get a Salary Increase
    View Core, Job Family, and Industry Job Skills and Competency Data for more than 15,000 Job Titles Skills Library

    Job openings at Aurora

    Senior Systems and Behavioral Safety Engineer
    Aurora
    Hired Organization Address Pittsburgh, PA Full Time
    Who We Are Aurora’s mission is to deliver the benefits of self-driving technology safely, quickly, and broadly to make t...
    Senior Software Engineer, Remote Assist
    Aurora
    Hired Organization Address San Francisco, CA Full Time
    Employer Industry : Autonomous Vehicle Technology Why consider this job opportunity : Base salary range of $162K - $260K...
    Software Engineer, Perception
    Aurora
    Hired Organization Address San Francisco, CA Full Time
    Who We Are Aurora’s mission is to deliver the benefits of self-driving technology safely, quickly, and broadly to make t...
    Senior Software Engineer
    Aurora
    Hired Organization Address Seattle, WA Full Time
    Who We Are Aurora’s mission is to deliver the benefits of self-driving technology safely, quickly, and broadly to make t...
    View More Jobs at Aurora

    Not the job you're looking for? Here are some other Sr. Staff Application Security Engineer jobs in the San Francisco, CA area that may be a better fit.

    Staff Application Security Engineer

    IDENTIFY SECURITY, San Francisco, CA

    Staff Application Security Engineer

    Ironclad Inc., San Francisco, CA

    View More Jobs

    AI Assistant is available now!

    Feel free to start your new journey!