Senior Security Engineer

As passionate about our people as we are about our mission.
What We're All About :
Q2 is proud of delivering our mobile banking platform and technology solutions, globally, to more than 22 million end users across our 1,300 financial institutions and fintech clients. At Q2, our mission is simple: Build strong, diverse communities by strengthening their financial institutions. We accomplish that by investing in the communities where both our customers and employees serve and live.
What Makes Q2 Special?
Being as passionate about our people as we are about our mission. We celebrate our employees in many ways, including our "Circle of Awesomeness" award ceremony and day of employee celebration among others! We invest in the growth and development of our team members through ongoing learning opportunities, mentorship programs, internal mobility, and meaningful leadership relationships. We also know that nothing builds trust and collaboration like having fun. We hold an annual Dodgeball for Charity event at our Q2 Stadium in Austin, inviting other local companies to play, and community organizations we support to raise money and awareness together.
Job Description
As an Application Security Engineer, you will play a critical role in safeguarding the security of our software products and development lifecycle. This role focuses on managing and optimizing code scanning tools, identifying vulnerabilities, and ensuring secure coding practices are embedded into every stage of software development. You will collaborate with engineering teams to provide actionable security guidance, design metrics to measure security effectiveness, and create strategies to continuously improve application security. By integrating cutting-edge tools and techniques, you will ensure that our applications meet the highest standards of security and resilience, ultimately protecting the organization and its users from emerging threats.
Key Responsibilities

• Manage and optimize code scanning tools (e.g., SAST, DAST) to detect and remediate security vulnerabilities.
• Provide security guidance and best practices to engineering teams throughout the software development lifecycle.
• Design, maintain, and report on application security metrics and dashboards to track progress and effectiveness.
• Perform security assessments, including threat modeling and architecture reviews for new features and applications.
• Collaborate with DevOps and CI/CD teams to integrate security tools seamlessly into development pipelines.
• Stay up-to-date on the latest security threats, vulnerabilities, and remediation strategies to evolve application security practices.
• Deliver secure coding training and resources to engineering teams to foster a security-first culture.

Things You Will Need to Be Successful in This Role

• Typically requires a minimum of 5 years of related
  experience with a Bachelor's degree; or 3 years and
  a Master's degree; or a PhD without experience; or
  equivalent work experience.
• Proficiency with code scanning tools.
• Deep understanding of secure coding practices and standards (e.g., OWASP Top Ten).
• Hands-on experience with programming languages such as Python, Java, JavaScript, or C#.
• Familiarity with CI/CD pipelines and integrating security tools into DevOps workflows.
• Strong analytical skills to interpret scan results and prioritize remediation efforts.
• Certifications (Preferred): CSSLP or relevant security certifications.
• Excellent communication and collaboration skills to work effectively with cross-functional teams.
• A proactive and detail-oriented mindset to identify and mitigate risks early in the development lifecycle.

This position requires fluent written and oral communication in English.
Health & Wellness

• Hybrid Work Opportunities
• Flexible Time Off
• Career Development & Mentoring Programs
• Health & Wellness Benefits, including competitive health insurance offerings and generous paid parental leave for eligible new parents
• Community Volunteering & Company Philanthropy Programs
• Employee Peer Recognition Programs - "You Earned it"

Click here to find out more about the benefits we offer.
How We Give Back to the Community:
You can learn more about our Q2 Spark Program, Q2 Philanthropy fund, and our employee volunteering programs on our Q2 Community page . Q2 supports dozens of wide-reaching organizations, such as the African American Leadership Institute , and The Trevor Project , promoting diversity and success in leadership and technology. Other deserving beneficiaries include Resource Center helping LGBTQ communities, JDRF , and Homes for our Troops , a group helping veterans rebuild their lives with specially adapted homes.
At Q2, our goal is to be a diverse and inclusive workforce that fosters mutual respect for our employees and the communities we serve. Q2 is an equal opportunity employer and does not discriminate on the basis of race, national origin, gender, gender identity, sexual orientation, protected veteran status, disability, age, or other legally protected status.