Staff Application Security Engineer

What’s so interesting about this role?

As a Staff Application Security Engineer at Grindr, you will be a key player in securing our platform, protecting millions of users, and ensuring best-in-class security practices. This role will elevate our application security strategy, leading efforts across web, mobile, and API security, while partnering with engineering teams to embed security into our development lifecycle.

You will architect and implement security tooling, drive DevSecOps initiatives, and act as a trusted advisor for application security across the organization. This is an opportunity to take Grindr’s security posture to the next level in a high-impact role.

What’s the job?

• Assess & Improve Security Posture – Partner with engineering teams to evaluate the security state of our applications (web, mobile, APIs), identify risks, prioritize security efforts, and drive remediation.
• Build & Deploy Security Tooling – Architect and manage security solutions, including SAST, DAST, and Fuzzing tools, integrating them seamlessly into our DevSecOps pipelines.
• Lead Secure SDLC Initiatives – Collaborate with developers to integrate security into CI/CD workflows, ensuring security is a core component of Grindr’s software development process.
• Security Culture & Stakeholder Collaboration – Work cross-functionally with product, engineering, compliance, and executive teams to ensure security is prioritized and embedded into the company’s DNA.
• Third-Party & Bug Bounty Programs – Manage security engagements with third-party organizations and oversee Grindr’s bug bounty program to identify and address vulnerabilities proactively.
• Incident Response & Threat Modeling – Contribute to security incident response, forensics, and threat modeling efforts, ensuring proactive risk mitigation.
• Mentor & Educate – Provide security guidance to engineers, conduct training sessions, and advocate for secure coding practices.

What we’ll love about you

• 8+ years of experience in Application Security, Software Security, or DevSecOps, with a focus on securing web, mobile, and cloud applications.
• Proficiency in security tooling – hands-on experience with SAST/DAST tools (e.g., SonarQube, Snyk, GitHub Advanced Security, BurpSuite, FFUF).
• Deep expertise in secure software development – Strong knowledge of OWASP Top 10, secure coding practices, and ability to conduct code reviews to identify security flaws.
• Cloud & Infrastructure Security – Experience securing cloud environments (AWS, GCP) and working with containerized architectures (Docker, Kubernetes) or similar
• Strong leadership & communication skills – Ability to lead security initiatives, influence engineering teams, and communicate security risks effectively to technical and non-technical stakeholders.
• Experience with regulatory frameworks – Familiarity with SOX, GDPR, PCI, and SOC compliance and ability to ensure applications meet security and regulatory standards.

We’ll really swoon if you are/have

• Experience leading bug bounty programs and working with external security researchers.
• Hands-on development experience in web and mobile technologies (e.g., Node.js, JavaScript, Swift, Kotlin).
• Familiarity with threat modeling frameworks and experience designing secure architectures for large-scale applications.
• Knowledge of serverless and microservices security best practices.

What you'll love about us

• Mission and Impact: Grindr is building the global gayborhood in your pocket. Your role will impact the lives of millions of LGBTQ+ people around the world. Through our success, we are making a world where the lives of our community are free, equal, and just.
• Family Insurance: Insurance premium coverage for health, dental, and vision for you and partial coverage for your dependents.
• Retirement Savings: Generous 401K plan with 6% match and immediate vest in the U.S.
• Compensation: Industry-competitive compensation and eligibility for company bonus and equity programs.
• Queer-Inclusive Benefits: Industry-leading gender-affirming offerings with up to 90% cost coverage, access to Included Health, monthly stipends for HRT, and more.
• Additional Benefits: Flexible vacation policy, monthly stipends for cell phone, internet, wellness, food, and commuting, breakfast/lunch provided onsite, and yearly travel & leisure stipend.