Sr. Staff Software Engineer (Application Security) (Remote - US)
Job title: Sr. Staff Software Engineer (Application Security) (Remote - US) in USA at BNSF Railway
Company: BNSF Railway
Job description: Be part of a team that values safety, inclusion, and excellenceWe are one of the largest U.S. railroads transporting the nation’s freight across 28 western states and 3 Canadian provinces. As a member of our team, you will play a role in supporting the movement of essential products and materials that help feed, clothe, supply, and power communities throughout America and the world.We are committed to a culture where all employees are included, belong, and have equal opportunity to achieve their full potential. Come make a difference with us!Learn more about and ourJob Location: REMOTE
Other Potential Locations: Remote US
Anticipated Start Date: 06/16/2025
Number of Positions: 1
Salary Range: $243,750 - $406,250The US base salary range for this full-time position is $243,750 - $406,250 plus bonus eligibility and other elements of our total rewards package. The range represents the amount bnsf | tech reasonably expects to pay for the position based on the level, scope, and responsibilities of the role. Individual compensation and level of position offered is determined by the hiring location and additional factors including but not limited to job-related skills, experience, and relevant education or training. In addition to base pay, BNSF offers a comprehensive package.Apply early as this job may be removed or filled prior to the closing date, which is approximately seven (7) days after the posting date.We are committed to a culture where all employees are included, belong, and have equal opportunity to achieve their full potential. Come make a difference with us!The bnsf | tech department drives innovation and efficiency by developing and maintaining advanced technological solutions across the network. This team ensures a robust IT infrastructure, supports critical applications, and enhances cybersecurity measures. Their expertise is essential in optimizing operations and enabling BNSF to deliver reliable, cutting-edge transportation services.This is a full-time position. Our leaders also foster a culture where work life balance, which requires flexibility for when life happens, is important and respected.We are seeking a talented and driven Application Security Engineer to join our growing security team. This role will focus on securing our web, mobile, and cloud applications through threat modeling, code reviews, penetration testing, and working closely with developers to integrate secure coding practices.As an Sr Staff Application Security Engineer, you will
Lead the design, implementation and maintenance of application security tools and systems to ensure secure and efficient functionality
Conduct security assessments of applications and identify vulnerabilities
Collaborate with development teams to integrate security into the software development lifecycle (SDLC)
Perform static and dynamic code analysis
Develop and maintain automated security testing tools and scripts
Participate in threat modeling and architecture reviews
Track and manage remediation of security issues
Stay current with the latest security threats, trends, and technologies
Stay up to date with emerging technologies and industry trends and apply them to operations and activities.
Provide technical leadership and mentorship to junior engineers.
Ensure compliance with regulatory requirements and industry standards.
Basic Qualifications
I am CURRENTLY authorized to work in the US
Bachelor’s degree in Computer Science, Engineering, Cybersecurity or equivalent education or work experience.
At least 10+ years of experience in application development or application security, with demonstrated success delivering enterprise-scale solutions.
Strong knowledge of common application vulnerabilities (OWASP Top 10, CWE)
Proficiency in one or more programming languages (e.g., Java, Python, JavaScript, Go)
Experience with security tools (e.g., SAST, DAST, IAST, SCA, Burp Suite)
Strong communication skills and the ability to work cross-functionally
Fluency in more than one technology stack and expertise in several of the following: C, C++, Java, J2EE, JSP, Servlet, EJB, Application (Client/Server), RMI, WAS, Web Services, WS-Security, HTML, XML, XSLT, SOAP, MQ Series, LDAP / Active Directory.
Experience with continuous delivery and infrastructure as code.
Strong problem-solving ability.
Experience working in DevSecOps environment, automation first mindset, ability to leverage coding/scripting skills and working experience with APIs.
Understanding of secure software development lifecycle (SSDLC).
Preferred Qualifications
If offered a position by BNSF, I will NOT IN THE FUTURE require BNSF’s assistance (whether monetary, through sponsorship, through preparation of a training plan, or otherwise) to obtain employment-based nonimmigrant status, such as H-1B or TN, or other authorization to work at BNSF, such as through STEM OPT.
Knowledge in the following areas:
Mutual TLS (mTLS) Auth for Service -Service
OpenID Connect Authorization Code and Client Credential Flows
Experience with DB2, SQL Server, Oracle, or another enterprise-class RDBMS
Operating Systems like Windows, MacOS, iOS, AIX, and Linux.
Java Application Interface Development and Object Models
iOS native mobile and wrapped responsive applications
Enterprise Service Bus (ESB) technologies / JMS Advanced systems design
Security certifications (e.g., OSCP, CISSP, CSSLP, GWAPT)
Knowledge of container and Kubernetes security
Familiarity with cloud security (AWS, Azure, or GCP) is a plus
At BNSF, you will have access to a comprehensive and competitive benefits package including:
An industry-leading 401(k) and renowned Railroad Retirement program.
A range of robust health care options for you and your dependents (including domestic partners), including medical, dental, vision, telemedicine, mental health, cancer support, and high-quality care network options.
Health care spending accounts (HSA) with employer contributions, as well as life and disability insurance, provided at no cost.
Family benefits including parental, pediatric and family building support, adoption and surrogacy reimbursement, and dependent care spending account (with employer match).
Access to discounts on travel, gym memberships, counseling services and wellness support.
Annual bonus (Incentive Compensation Program)
Generous leave / time off policies.
For more information, visit
.Please be aware of potential fraud that can occur when searching for new career opportunities. Please review our for more information and awareness.All positions require pre-employment background verification, medical review and pre-employment drug screen. You can find more information by reviewing the . Federal authority requires BNSF employees, whose work requires unescorted access to secure areas of port facilities, to obtain a TWIC. More information is available atBNSF Railway is an Equal Opportunity Employer, all qualified applicants receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.SF: MO | [[mfield5]] | bnsf tech | REMOTE, US | 00000
Expected salary:
Location: USA
Apply for the job now!
Apply Now
Company: BNSF Railway
Job description: Be part of a team that values safety, inclusion, and excellenceWe are one of the largest U.S. railroads transporting the nation’s freight across 28 western states and 3 Canadian provinces. As a member of our team, you will play a role in supporting the movement of essential products and materials that help feed, clothe, supply, and power communities throughout America and the world.We are committed to a culture where all employees are included, belong, and have equal opportunity to achieve their full potential. Come make a difference with us!Learn more about and ourJob Location: REMOTE
Other Potential Locations: Remote US
Anticipated Start Date: 06/16/2025
Number of Positions: 1
Salary Range: $243,750 - $406,250The US base salary range for this full-time position is $243,750 - $406,250 plus bonus eligibility and other elements of our total rewards package. The range represents the amount bnsf | tech reasonably expects to pay for the position based on the level, scope, and responsibilities of the role. Individual compensation and level of position offered is determined by the hiring location and additional factors including but not limited to job-related skills, experience, and relevant education or training. In addition to base pay, BNSF offers a comprehensive package.Apply early as this job may be removed or filled prior to the closing date, which is approximately seven (7) days after the posting date.We are committed to a culture where all employees are included, belong, and have equal opportunity to achieve their full potential. Come make a difference with us!The bnsf | tech department drives innovation and efficiency by developing and maintaining advanced technological solutions across the network. This team ensures a robust IT infrastructure, supports critical applications, and enhances cybersecurity measures. Their expertise is essential in optimizing operations and enabling BNSF to deliver reliable, cutting-edge transportation services.This is a full-time position. Our leaders also foster a culture where work life balance, which requires flexibility for when life happens, is important and respected.We are seeking a talented and driven Application Security Engineer to join our growing security team. This role will focus on securing our web, mobile, and cloud applications through threat modeling, code reviews, penetration testing, and working closely with developers to integrate secure coding practices.As an Sr Staff Application Security Engineer, you will
Lead the design, implementation and maintenance of application security tools and systems to ensure secure and efficient functionality
Conduct security assessments of applications and identify vulnerabilities
Collaborate with development teams to integrate security into the software development lifecycle (SDLC)
Perform static and dynamic code analysis
Develop and maintain automated security testing tools and scripts
Participate in threat modeling and architecture reviews
Track and manage remediation of security issues
Stay current with the latest security threats, trends, and technologies
Stay up to date with emerging technologies and industry trends and apply them to operations and activities.
Provide technical leadership and mentorship to junior engineers.
Ensure compliance with regulatory requirements and industry standards.
Basic Qualifications
I am CURRENTLY authorized to work in the US
Bachelor’s degree in Computer Science, Engineering, Cybersecurity or equivalent education or work experience.
At least 10+ years of experience in application development or application security, with demonstrated success delivering enterprise-scale solutions.
Strong knowledge of common application vulnerabilities (OWASP Top 10, CWE)
Proficiency in one or more programming languages (e.g., Java, Python, JavaScript, Go)
Experience with security tools (e.g., SAST, DAST, IAST, SCA, Burp Suite)
Strong communication skills and the ability to work cross-functionally
Fluency in more than one technology stack and expertise in several of the following: C, C++, Java, J2EE, JSP, Servlet, EJB, Application (Client/Server), RMI, WAS, Web Services, WS-Security, HTML, XML, XSLT, SOAP, MQ Series, LDAP / Active Directory.
Experience with continuous delivery and infrastructure as code.
Strong problem-solving ability.
Experience working in DevSecOps environment, automation first mindset, ability to leverage coding/scripting skills and working experience with APIs.
Understanding of secure software development lifecycle (SSDLC).
Preferred Qualifications
If offered a position by BNSF, I will NOT IN THE FUTURE require BNSF’s assistance (whether monetary, through sponsorship, through preparation of a training plan, or otherwise) to obtain employment-based nonimmigrant status, such as H-1B or TN, or other authorization to work at BNSF, such as through STEM OPT.
Knowledge in the following areas:
Mutual TLS (mTLS) Auth for Service -Service
OpenID Connect Authorization Code and Client Credential Flows
Experience with DB2, SQL Server, Oracle, or another enterprise-class RDBMS
Operating Systems like Windows, MacOS, iOS, AIX, and Linux.
Java Application Interface Development and Object Models
iOS native mobile and wrapped responsive applications
Enterprise Service Bus (ESB) technologies / JMS Advanced systems design
Security certifications (e.g., OSCP, CISSP, CSSLP, GWAPT)
Knowledge of container and Kubernetes security
Familiarity with cloud security (AWS, Azure, or GCP) is a plus
At BNSF, you will have access to a comprehensive and competitive benefits package including:
An industry-leading 401(k) and renowned Railroad Retirement program.
A range of robust health care options for you and your dependents (including domestic partners), including medical, dental, vision, telemedicine, mental health, cancer support, and high-quality care network options.
Health care spending accounts (HSA) with employer contributions, as well as life and disability insurance, provided at no cost.
Family benefits including parental, pediatric and family building support, adoption and surrogacy reimbursement, and dependent care spending account (with employer match).
Access to discounts on travel, gym memberships, counseling services and wellness support.
Annual bonus (Incentive Compensation Program)
Generous leave / time off policies.
For more information, visit
.Please be aware of potential fraud that can occur when searching for new career opportunities. Please review our for more information and awareness.All positions require pre-employment background verification, medical review and pre-employment drug screen. You can find more information by reviewing the . Federal authority requires BNSF employees, whose work requires unescorted access to secure areas of port facilities, to obtain a TWIC. More information is available atBNSF Railway is an Equal Opportunity Employer, all qualified applicants receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.SF: MO | [[mfield5]] | bnsf tech | REMOTE, US | 00000
Expected salary:
Location: USA
Apply for the job now!
Apply Now