Senior Application Security Engineer

• Build and improve security capabilities, automation, and guardrails for mobile applications and backend/API services • Perform application or API/backend penetration testing • Identify, triage, and help remediate vulnerabilities across Chime products • Partner closely with engineering and product teams to embed security into the development lifecycle across mobile apps, APIs, and backend services • Perform architecture and code reviews across the stack (iOS/Android, APIs, backend) with a focus on secure data storage, authentication, authorization, secure communication, and session/token handling • Leverage AI to accelerate security workflows (e.g., code review support, triage, threat modeling), and partner with teams building AI-enabled features to define and implement production-grade AI security controls • 5+ years of experience in application security, with strong hands-on experience across both mobile and backend systems • Hands on experience securing iOS and Android applications in production environments • Strong understanding of mobile threat models and common attack techniques • Experience with mobile security testing techniques, including static and dynamic analysis • Familiarity with iOS and Android platform security features and limitations • Practical coding experience, preferably in Ruby, Go, Python  languages • Ability to clearly communicate security risks, tradeoffs, and remediation guidance to engineering partners • #LI-Hybrid #LI-JL1