Python/Django Senior Application Security Engineer (Hybrid - US)

• Contribute to the application security roadmap for internal applications—prioritize risks and sequence work across codebases, application layer, and DevOps.
• Consult with engineers to communicate requirements, create actionable tickets/acceptance criteria, and drive adoption of security measures.
• Conduct pull request reviews focused on security, provide guidance on refactors, and approve/deny with clear rationale.
• Serve as a steward for SAST/scanning: review static code scan results, triage findings, eliminate noise, and drive remediation with owners.

This role contributes to Energy Solutions' mission of delivering large-scale energy, carbon, and water-use savings through market-based programs, helping secure the platforms that enable climate solutions.

• Minimum of 5 years' experience in application security with practice and implementation in Django/Python with a clear application-security focus.
• Engineering background (software or DevOps/SRE) with the ability to read/modify code, review PRs, and build PoCs.
• Experience with GitHub security, including reviewing static code scans, triage findings, eliminate noise, and drive remediation with owners.
• Experience embedding secure SDLC into Git-based workflows and CI/CD (pre-commit, pipeline gates, policy-as-code).

The salary range for this role is $119,100 - $147,400/annually, with a target compensation of $119,000 to $131,600 based on experience and qualifications. Compensation includes a generous retirement package, medical, dental and vision insurance, other pre-tax contribution plans and an Employee Stock Ownership Plan (ESOP).

Energy Solutions focuses on market-based programs to deliver large-scale energy, carbon, and water-use savings through proven, performance-based solutions for utility, government, and institutional customers.