Senior Application Security Engineer

This is a hybrid role based in our Chicago or Bay Area Offices (San Francisco or Palo Alto) and will require you to be in the office on Tuesdays and Thursdays.

What’s so interesting about this role?

As a Staff Application Security Engineer at Grindr, you will be a key player in securing our platform, protecting millions of users, and ensuring best-in-class security practices. This role will elevate our application security strategy, leading efforts across web, mobile, and API security, while partnering with engineering teams to embed security into our development lifecycle.

You will architect and implement security tooling, drive DevSecOps initiatives, and act as a trusted advisor for application security across the organization. This is an opportunity to take Grindr’s security posture to the next level in a high-impact role.

What’s the job?

• Assess & Improve Security Posture – Partner with engineering teams to evaluate the security state of our applications (web, mobile, APIs), identify risks, prioritize security efforts, and drive remediation.

• Build & Deploy Security Tooling – Architect and manage security solutions, including SAST, DAST, and Fuzzing tools, integrating them seamlessly into our DevSecOps pipelines.

• Lead Secure SDLC Initiatives – Collaborate with developers to integrate security into CI/CD workflows, ensuring security is a core component of Grindr’s software development process.

• Security Culture & Stakeholder Collaboration – Work cross-functionally with product, engineering, compliance, and executive teams to ensure security is prioritized and embedded into the company’s DNA.

• Third-Party & Bug Bounty Programs – Manage security engagements with third-party organizations and oversee Grindr’s bug bounty program to identify and address vulnerabilities proactively.

• Incident Response & Threat Modeling – Contribute to security incident response, forensics, and threat modeling efforts, ensuring proactive risk mitigation.

• Mentor & Educate – Provide security guidance to engineers, conduct training sessions, and advocate for secure coding practices.

What we’ll love about you

• 8+ years of experience in Application Security, Software Security, or DevSecOps, with a focus on securing web, mobile, and cloud applications.

• Proficiency in security tooling – hands-on experience with SAST/DAST tools (e.g., SonarQube, Snyk, GitHub Advanced Security, BurpSuite, FFUF).

• Deep expertise in secure software development – Strong knowledge of OWASP Top 10, secure coding practices, and ability to conduct code reviews to identify security flaws.

• Cloud & Infrastructure Security – Experience securing cloud environments (AWS, GCP) and working with containerized architectures (Docker, Kubernetes) or similar

• Strong leadership & communication skills – Ability to lead security initiatives, influence engineering teams, and communicate security risks effectively to technical and non-technical stakeholders.

• Experience with regulatory frameworks – Familiarity with SOX, GDPR, PCI, and SOC compliance and ability to ensure applications meet security and regulatory standards.   

We’ll really swoon if you are/have

• Experience leading bug bounty programs and working with external security researchers.

• Hands-on development experience in web and mobile technologies (e.g., Node.js, JavaScript, Swift, Kotlin).

• Familiarity with threat modeling frameworks and experience designing secure architectures for large-scale applications.

• Knowledge of serverless and microservices security best practices.

What you'll love about us

• Mission and Impact: Grindr is building the global gayborhood in your pocket. Your role will impact the lives of millions of LGBTQ+ people around the world. Through our success, we are making a world where the lives of our community are free, equal, and just.

• Family Insurance: Insurance premium coverage for health, dental, and vision for you and partial coverage for your dependents.

• Retirement Savings: Generous 401K plan with 6% match and immediate vest in the U.S.

• Compensation: Industry-competitive compensation and eligibility for company bonus and equity programs.

• Queer-Inclusive Benefits: Industry-leading gender-affirming offerings with up to 90% cost coverage, access to Included Health, monthly stipends for HRT, and more.

• Additional Benefits: Flexible vacation policy, monthly stipends for cell phone, internet, wellness, food, and commuting, breakfast/lunch provided onsite, and yearly travel & leisure stipend.

About Grindr

Grindr is building the global gayborhood in your pocket. With more than 13.5 million monthly active users, Grindr has become a fundamental part of the LGBTQ+ community and is charting a path to make the world more free, equal, and just. Since 2015, Grindr for Equality has advanced safety, health, and human rights for millions of Grindr users and the global LGBTQ+ community in partnership with more than 100 community organizations in every region of the world.

Our next evolution is underway as a public company that continues to grow and build meaningful experiences for our users. From social issues to product innovations, we're setting audacious goals for our community and the business, and leveraging the latest tech stacks and a culture of engineering excellence to make it happen. At the heart of our work in this new chapter is a shared set of operating principles centered around cultivating curiosity, thinking big, setting and expediting our ambitious goals, and growing through iteration; all while keeping our users #1.

Grindr is headquartered in West Hollywood, California, with offices in the Bay Area, Chicago, and New York. With a track record of strong financial performance and plans for continued headcount growth, we’re building a team of talented, passionate, and open-minded people who want to disrupt the dating app space, innovate products, and advance LGBTQ+ culture. Come be a part of this exciting journey with us.

Grindr is an equal-opportunity employer

To learn more about how we handle the personal data of applicants, visit our Employee and Candidate Privacy Policy.

#LI-Hybrid