Application Security Engineer II

Amplitude

  • San Francisco, CA
  • Permanent
  • Full-time
  • 1 month ago
Amplitude is the leading digital analytics platform that helps companies unlock the power of their products. Over 4,000 customers, including Atlassian, NBCUniversal, Under Armour, Shopify, and Jersey Mike's, rely on Amplitude to gain self-service visibility into the entire customer journey. Amplitude guides companies every step of the way as they capture data they can trust, uncover clear insights about customer behavior, and take faster action. When teams understand how people are using their products, they can deliver better product experiences that drive growth. Amplitude is the best-in-class analytics solution for product, data, and marketing teams, ranked #1 in multiple categories in G2's Spring 2025 Report. Learn how to optimize your digital products and business at .As an organization, we approach challenges with humility, take ownership of our contributions, and embrace a growth mindset that pushes us to constantly improve ourselves, each other, and the value we bring to customers and partners.Amplitude's Commitment to Diversity Equity & Inclusion (DEI): Amplitude believes that diversity enables the creation of better products, improves the ability to solve complex problems, and drives more powerful solutions. We strive to create an environment of inclusion-one focused on psychological safety, empathy, and human connection-that will allow employees of all backgrounds to thrive.We're looking for an Application Security Engineer II to help scale secure software development practices across our engineering organization. This role is ideal for an engineer who enjoys working at the intersection of security and development; someone who has written and shipped code, understands how modern software is built, and wants to focus on proactively preventing vulnerabilities.You'll work closely with other security engineers and cross-functional developers to design and implement security controls, contribute to tooling and frameworks, and help identify and mitigate risks earlier in the development lifecycle. You won't just report issues, you'll help fix issues and make it easier for others to avoid them.Key Responsibilities:
  • Contribute to building and maintaining secure-by-default development patterns, libraries, and templates (“golden paths”)
  • Implement security checks in CI/CD workflows (e.g. GitHub Actions, Argo Workflows) and in runtime environments (e.g. Kubernetes admission controllers)
  • Leverage AI/ML tools to automate code review, alert triage, log analysis, and threat detection for application-layer risks
  • Write and tune rules to catch insecure code patterns and prevent critical vulnerabilities from reaching production
  • Collaborate with developers to remediate security issues by offering clear guidance and, where needed, hands-on support
  • Contribute to internal tooling and frameworks to make secure development frictionless and fast
  • Participate in an on-call rotation for urgent security issues and incident response
What We're Looking For:
  • 2 - 4 years of experience in software development or security engineering roles, ideally with a focus on secure application development
  • Comfortable writing production-quality code in at least one backend language (e.g. TypeScript, Python, Java)
  • Understanding of API security principles and common web application vulnerabilities (e.g. OWASP Top 10)
  • Familiarity with CI/CD pipelines and containerized environments such as Kubernetes
  • Interest or experience with AI/ML tools for security automation
  • A collaborative mindset and willingness to take ownership of problems
  • A bias toward action; you're willing to roll up your sleeves and fix issues directly
Who We AreThe Company: Amplitude is filled with humble, life-long learners who are eager to help one another and the company succeed. Our values of growth mindset, ownership, and humility are core to the way we work: we're tenacious in the face of challenges, we take the initiative to solve problems that drive our shared success, and we operate from a place of empathy and openness, seeking to understand many points of view.The Product: Amplitude is a digital analytics platform-we help companies capture data they can trust, uncover clear insights about customer behavior, and take faster action. This empowers teams to build better product experiences that drive business growth. We're super proud of what we've built and continue to expand: a platform that empowers companies to thrive in the digital era.We care about the well-being of our team: We offer competitive pay and benefits packages that reflect our commitment to the health and well-being of our Ampliteers.Some of our benefit programs include:
  • Excellent ​medical, ​dental and ​​vision insurance coverages, with 100% employer-paid premiums for employee ​medical, ​​dental,​ vision on select plans
  • Flexible time off, ​p​aid holidays, and more
  • Generous stipends to spend on what matters most to you, whether that's wellness (monthly), commuter transit/parking (monthly), learning and development (quarterly), home office equipment (annual), and much more
  • Excellent Parental benefits including​:​ 12-20 weeks of Paid Parental Leave, Carrot Fertility Benefits/Adoption/Surrogacy support, Back-up Child Care support
  • Mental health and wellness benefits including no cost employee access to Modern Health coaching & therapy Sessions and high quality physician office experience via One Medical membership (select U.S. locations only)
  • Employee Stock Purchase Program​ (ESPP)​
Other fun facts about Amplitude:
  • We were recognized in the
. * Our customers love us! They've said we're the
for 15 quarters in a row on G2. * We're focused on growth. Check us out in Deloitte's 2023 Technology Fast 500™
  • We care A LOT about product innovation. Fast Company called us the #3 most innovative enterprise company in the world.
  • We invest in our people. We offer mentorship programs, management training, and wellness initiatives.
  • We give back to our communities. We give every Ampliteer a charitable giving grant and paid volunteer time off.
  • We were founded in 2012, went public via a direct listing in September 2021, and are now trading under the ticker $AMPL.
  • We're a global and fast-growing team! We have employees around the world and offices in San Francisco (HQ), New York, Vancouver, Amsterdam, London, Paris, Singapore, and Tokyo.
  • Our mascot is the datamonster, who loves to chow down on numbers, charts, and graphs. Nom nom.
"This role is eligible for equity, benefits and other forms of compensation.Based on Colorado law, the following details are for individuals who will work for Amplitude in Colorado. Colorado range: $138,000 - $207,000 total target cash (inclusive of bonus or commission)Based on legislation in New York City, the following details are for individuals who will work for Amplitude in New York City. New York City salary range: $154,000 - $231,000 total target cash (inclusive of bonus or commission)Based on legislation in California, the following details are for individuals who will work for Amplitude in San Francisco Bay Area of California. Salary range: $154,000 - $231,000 total target cash (inclusive of bonus or commission)Based on legislation in California, the following details are for individuals who will work for Amplitude in California outside of the San Francisco Bay Area. California salary range: $138,000 - $207,000 total target cash (inclusive of bonus or commission)Based on legislation in Washington state, the following details are for individuals who will work for Amplitude in Washington state. Washington salary range: $138,000 - $207,000 total target cash (inclusive of bonus or commission)Based on legislation in Washington state, the following details are for individuals who will work for Amplitude in Washington only: unlimited PTO, 10 to 13 holidays annually (will vary), medical dental and vision PPO and CDHP plans. Finally, a company sponsored 401(k) retirement plan."“Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.”By applying for this job, you acknowledge that Amplitude processes your personal data in accordance with the .Staying Safe - Protect Yourself From Recruitment Fraud
We are aware of individuals and entities fraudulently representing themselves as Amplitude recruiters and/or hiring managers. Amplitude will never ask for financial information or payment, or for personal information such as bank account number or social security number during the job application or interview process. Any emails from the Amplitude recruiting team will come from an @ email address. You can learn more about how to protect yourself from these types of fraud by referring to . Please exercise caution and cease communications if something feels suspicious about your interactions.

Amplitude