Senior Technical Security Engineer

AllSTEM Connections is actively recruiting on behalf of one of our valued clients—a leading organization known for innovation and excellence in the digital product space. We are excited to share this opportunity with professionals who are passionate about design systems, user experience, and collaborative product development. If the role aligns with your background and career goals, we encourage you to apply and take the next step toward joining a dynamic and forward-thinking team.

Position Title – Sr Technical Security Engineer

Hourly Pay Rate (w2 Role) - $78.58

Contract End Date - 4/4/2026

100% Remote

Job Summary

Minimum Requirements

• 5+ years of experience in application or product security, with a track record of securing desktop and mobile applications.
• Strong understanding of secure architecture for thick clients, including local storage protection, inter-process communication, JavaScript engines, OS-level security features, and web security standards (CSP, same-origin policy, TLS/HTTPS).
• Experience with mobile (iOS/Android) and desktop (Windows/macOS/Linux) application security models.
• Proficiency in GenAI security, modern cryptography, certificate management, secure authentication (OAuth, WebAuthn, FIDO2), and secure session handling.
• Knowledge of OS-level hardening techniques, sandboxing, privilege separation, and secure use of platform APIs.
• Hands-on experience with secure coding practices in at least one systems language (C++, Rust, Go) and one application language (Kotlin, Swift, C#).
• Familiarity with static/dynamic analysis tools, fuzzing, penetration testing, and reverse engineering for client applications.
• Experience embedding security into the software development lifecycle (threat modeling, code reviews, secure design patterns).
• Ability to manage incident response and vulnerability remediation for thick client environments.
• Strong cross-team communication skills and ability to write clear developer-facing security guidelines.

Preferred

• Contributions to open-source client frameworks, SDKs, or application security tools.
• Prior work with secure local storage, anti-tampering, DRM, or obfuscation in client software.
• Familiarity with offline-first application security challenges (sync, caching, data persistence).
• Experience with privacy-preserving client design, including minimizing telemetry and preventing data leakage.
• Deep understanding of reverse engineering techniques and defenses (e.g., code obfuscation, anti-debugging, integrity checks).
• Experience leading security architecture for a thick client application launch at scale.
• Advanced degree (MS/PhD) in Computer Science, Cybersecurity, or related field.