Application Security Engineer Jobs in California

INTRODUCTION

To help keep everyone safe, we encourage all applicants to pay close attention to protect themselves during their job search. When applying for a position online you are at risk of being targeted by malicious actors looking for personal data. Please be aware we will only reach out via email using the domain quanata.com. Anything that does not match those domains should be ignored and considered a security risk.

About us

Quanata is on a mission to help ensure a better world through context-based insurance solutions. We are an exceptional, customer centered team with a passion for creating innovative technologies, digital products, and brands. We blend some of the best Silicon Valley talent and cutting-edge thinking with the long-term backing of leading insurer, State Farm.

Learn more about us and our work at quanata.com.

OUR TEAM

Quanata, LLC is an insurance technology innovation company that engineers advanced risk prediction and prevention solutions, develops risk-focused acquisition capabilities, and builds/supports a full-stack, flexible, digital & increasingly AI-native insurance platform. This helps our primary clients, State Farm and HiRoad Assurance Company, adapt to evolving market needs. Quanata, LLC is wholly owned and funded by State Farm.

As a company that prioritizes an inclusive and positive culture, we believe the core of our success is in hiring talented people — across disciplines — who want to help us make a quantifiable impact.

THE ROLE

We're looking for an Application Security Engineer to help build secure-by-default products and services across Quanata's AI-native insurance technology platform. In this role, you'll partner closely with Product, Engineering, and Security teams to identify risks early, strengthen secure development practices, and ensure our applications are resilient, scalable, and compliant.

You'll play a key role in embedding security throughout the software development lifecycle while helping teams move quickly and safely.

YOUR DAY-TO-DAY

• Partner with Product and Engineering teams to integrate security into application design and development
• Lead threat modeling exercises and identify practical security solutions for complex systems
• Conduct secure code reviews, application security assessments, and vulnerability analysis
• Develop and implement automated security guardrails across the SDLC
• Investigate, prioritize, and drive remediation of application security findings
• Promote secure coding practices through training, coaching, and awareness initiatives
• Collaborate with Security, Privacy, and Business Assurance teams to support compliance and risk management objectives
• Create and maintain security standards, procedures, and best practices that scale across teams

ABOUT YOU

• Associate's degree or equivalent experience required; Bachelor's degree preferred
• 4–6+ years of experience in software engineering, including at least 2 years focused on application security
• Experience partnering directly with software development teams to improve application security
• Knowledge of secure-by-design principles and modern application security practices
• Familiarity with OWASP Top 10, ASVS, MASVS, and common application security frameworks
• Experience with threat modeling methodologies such as STRIDE, PASTA, or similar approaches
• Working knowledge of cloud platforms and modern application architectures
• Proficiency in at least one programming language and its security ecosystem
• Strong communication skills and the ability to influence technical and non-technical stakeholders
• Comfortable operating in a fast-paced environment with shifting priorities

BONUS POINTS

• Security certifications such as CSSLP, GWEB, OSWE, or similar
• Experience working in insurance, financial services, healthcare, or other regulated industries
• Advanced knowledge of cloud security and application security architecture
• Experience with mobile application security, QA testing, or penetration testing
• Familiarity with AI technologies, LLM security, or prompt engineering
• Experience building scripts or automations to streamline security processes
• Active involvement in the security community through conferences, mentoring, presentations, publications, or open-source contributions

SALARY

• Salary: $175,000 to $215,000*

Please note that the final salary offered will be determined based on the selected candidate's skills, and experience, as well as the internal salary structure at Quanata. Our aim is to offer a competitive and equitable compensation package that reflects the candidate's expertise and contributions to our organization.

ADDITIONAL DETAILS

• Benefits: We provide a wide variety of health, wellness and other benefits. These include medical, dental, vision, life insurance and supplemental income plans for you and your dependents, a Headspace app subscription, monthly wellness allowance and a 401(k) Plan with a company match.

• Work from Home Equipment: Given our virtual environment— in order to set you up for success at home, a one-time payment of $2K will be provided to cover the purchase of in-home office equipment and furniture at your discretion. Also, our teams work with MacBook Pros, which we will deliver to you fully provisioned prior to your first day.

• Paid Time Off: All employees accrue four weeks of PTO in their first year of employment. New parents receive twelve weeks of fully paid parental leave which may be taken within one year after the birth and/or adoption of a child. The twelve weeks is applicable to both birthing and non-birthing parent.

• Personal and Professional Development: We're committed to investing in and helping our people grow personally and professionally. All employees receive up to $5000 each year for professional learning, continuing education and career development. All team members also receive LinkedIn Learning subscriptions and access to multiple different coaching opportunities through BetterUp.

LOCATION

We are a remote-first company for most positions so you may work from anywhere you like in the U.S, excluding U.S. territories. For most positions, occasional travel may be requested or encouraged but is not required. Some positions might require travel per the job description provided to the employee. Employees based in the San Francisco Bay Area or in Providence, Rhode Island may commute to one of our local offices as desired.

HOURS

We maintain core meeting hours from 9AM - 2PM Pacific time for collaborating with team members across all time zones.

Quanata, LLC is an equal opportunity workplace. We are committed to equal employment opportunities regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status. Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.

If you are a San Francisco resident, please read the City and County of San Francisco's Fair Chance Ordinance notice.

This role is employed by Quanata, LLC which is a separate company in the State Farm family of companies.

If you require a reasonable accommodation, please reach out to your Talent Acquisition Partner for assistance.