Senior Application Security Engineer

We're seeking a Senior Application Security Engineer to help strengthen Zeta's application and platform security posture. You'll play a critical role in embedding security throughout the software development lifecycle, ensuring our systems, applications, and AI-driven platforms are built securely from the ground up.Zeta operates at massive scale, powering billions of consumer profiles and petabytes of data across real-time, AI-powered marketing platforms. In this role, you'll collaborate with engineering and product teams to identify risks, implement secure design principles, and build automated controls that enable secure innovation.This position offers significant technical scope, cross-functional visibility, and opportunities to contribute directly to the company's overall security maturity.Key Responsibilities:Threat Modeling & Security ValidationConduct threat modeling and security reviews for distributed cloud-native systems.Perform security code reviews, static/dynamic analysis (SAST/DAST), and dependency scanning.Participate in incident response exercises and red/blue team simulations.Assess third-party libraries, APIs, and vendor integrations for security compliance.Embedding Security into the SDLCPartner with developers and QA engineers to embed security testing into CI/CD pipelines.Review architecture and design documents to identify and mitigate risks early.Contribute to security automation initiatives and tooling to improve developer velocity.Support security checkpoints in release and deployment processes.Emerging Threat Monitoring & Proactive DefenseStay current on evolving security risks, frameworks, and attack vectors, including AI/ML-specific threats (e.g., prompt injection, model poisoning).Assist in designing and deploying proactive defense mechanisms across applications and data platforms.Support investigations and post-incident reviews to strengthen detection and prevention capabilities.Security Awareness & Policy ImplementationAdvocate secure coding and best practices through code reviews, workshops, and documentation.Contribute to internal security standards and playbooks.Collaborate closely with Engineering, DevOps, and Product teams to foster a security-first culture.What You Need to SucceedBachelor's degree in computer science, Cybersecurity, or related field, or equivalent experience.2 - 4 years of experience in Application Security, DevSecOps, or Secure Software Development.Strong understanding of OWASP Top 10, SANS CWE Top 25, and general application threat modeling.Experience with frameworks and architectures such as React, , Django, or FastAPI.Knowledge of securing APIs, microservices, and authentication mechanisms (OAuth2, OIDC, JWT).Experience with cloud platforms (AWS, GCP, Azure) and containerization (Docker, Kubernetes).Working knowledge of security testing tools (e.g., Semgrep, SonarQube, Burp Suite, Zap, Trivy).Solid collaboration and communication skills with cross-functional teams.Nice to HaveFamiliarity with AI/ML security concepts such as data poisoning, adversarial testing, and model integrity.Experience with automation frameworks and scripting for security testing.Relevant certifications (e.g., OSCP, GWAPT, CSSLP, or ML/AI-specific security certifications)WHO WE ARE Zeta Global is a NYSE listed data-powered marketing technology company with a heritage of innovation and industry leadership. Founded in 2007 by entrepreneur David A. Steinberg and John Sculley, former CEO of Apple Inc and Pepsi-Cola, the Company combines the industry's 3rd largest proprietary data set (2.4B+ identities) with Artificial Intelligence to unlock consumer intent, personalize experiences and help our clients drive business growth.Our technology runs on the Zeta Marketing Platform, which powers 'end to end' marketing programs for some of the world's leading brands. With expertise encompassing all digital marketing channels – Email, Display, Social, Search and Mobile – Zeta orchestrates acquisition and engagement programs that deliver results that are scalable, repeatable and sustainable.Zeta Global is an Equal Opportunity/Affirmative Action employer and does not discriminate on the basis of race, gender, ancestry, color, religion, sex, age, marital status, sexual orientation, gender identity, national origin, medical condition, disability, veterans status, or any other basis protected by law.ZETA IN THE NEWS