Why Join Q2?
Q2 is a leading provider of digital banking and lending solutions to banks, credit unions, alternative finance companies, and fintechs in the U.S. and internationally. Our mission is simple: build strong and diverse communities through innovative financial technology—and we do that by empowering our people to help create success for our customers.
What Makes Q2 Special?
Being as passionate about our people as we are about our mission. We celebrate our employees in many ways, including our “Circle of Awesomeness” award ceremony and day of employee celebration among others! We invest in the growth and development of our team members through ongoing learning opportunities, mentorship programs, internal mobility, and meaningful leadership relationships. We also know that nothing builds trust and collaboration like having fun. We hold an annual Dodgeball for Charity event at our Q2 Stadium in Austin, inviting other local companies to play, and community organizations we support to raise money and awareness together.
As an Application Security Engineer, you will play a critical role in safeguarding the security of our software products and development lifecycle. This role focuses on managing and optimizing code scanning tools, identifying vulnerabilities, and ensuring secure coding practices are embedded into every stage of software development. You will collaborate with engineering teams to provide actionable security guidance, design metrics to measure security effectiveness, and create strategies to continuously improve application security. By integrating cutting-edge tools and techniques, you will ensure that our applications meet the highest standards of security and resilience, ultimately protecting the organization and its users from emerging threats.
Key Responsibilities
- Manage and optimize code scanning tools (e.g., SAST, DAST) to detect and remediate security vulnerabilities.
- Provide security guidance and best practices to engineering teams throughout the software development lifecycle.
- Design, maintain, and report on application security metrics and dashboards to track progress and effectiveness.
- Perform security assessments, including threat modeling and architecture reviews for new features and applications.
- Collaborate with DevOps and CI/CD teams to integrate security tools seamlessly into development pipelines.
- Stay up-to-date on the latest security threats, vulnerabilities, and remediation strategies to evolve application security practices.
- Deliver secure coding training and resources to engineering teams to foster a security first culture.
- Own and lead the Security Champions program to drive secure practices and cross-functional engagement.
Things You Will Need to Be Successful in This Role
- Typically requires a Bachelor's degree in a technical field such as Computer Science, Information Security, Information Technology or equivalent experience and may require up to 2 years of related experience; or an advanced degree without experience.
- Proficiency with code scanning tools (e.g., SAST, DAST)
- Deep understanding of secure coding practices and standards (e.g., OWASP Top Ten).
- Hands-on experience with programming languages such as Python, Java, JavaScript, or C#.
- Familiarity with CI/CD pipelines and integrating security tools into DevOps workflows.
- Strong analytical skills to interpret scan results and prioritize remediation efforts.
- Certifications (Preferred): CSSLP or relevant security certifications.
- Excellent communication and collaboration skills to work effectively with cross-functional teams.
- A proactive and detail-oriented mindset to identify and mitigate risks early in the development lifecycle.
This position requires fluent written and oral communication in English.
Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or take over sponsorship of an employment Visa at this time.
Health & Wellness
Hybrid Work Opportunities
Flexible Time Off
Career Development & Mentoring Programs
Health & Wellness Benefits, including competitive health insurance offerings and generous paid parental leave for eligible new parents
Community Volunteering & Company Philanthropy Programs
Employee Peer Recognition Programs – “You Earned it”
Click here to find out more about the benefits we offer.
Our Culture & Commitment:
We’re proud to foster a supportive, inclusive environment where career growth, collaboration, and wellness are prioritized. And our benefits go beyond healthcare—offering resources for physical, mental, and professional well-being. Click here to find out more about the benefits we offer. Q2 employees are encouraged to give back through volunteer work and nonprofit support through our Spark Program (see more). We believe in making an impact—in the industry and in the community.
We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, or veteran status.
Applicants in California or Washington State may not be exempt from federal and state overtime requirements
Top Skills
Similar Jobs at Q2
What you need to know about the Los Angeles Tech Scene
Key Facts About Los Angeles Tech
- Number of Tech Workers: 375,800; 5.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Snap, Netflix, SpaceX, Disney, Google
- Key Industries: Artificial intelligence, adtech, media, software, game development
- Funding Landscape: $11.6 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Strong Ventures, Fifth Wall, Upfront Ventures, Mucker Capital, Kittyhawk Ventures
- Research Centers and Universities: California Institute of Technology, UCLA, University of Southern California, UC Irvine, Pepperdine, California Institute for Immunology and Immunotherapy, Center for Quantum Science and Engineering
