Staff Application Security Engineer

Agility’s commercially deployed humanoids operate alongside teams in warehouses, manufacturing facilities, and distribution centers—tackling physically demanding and repetitive tasks while enabling workers to focus on higher-value work. With industry-leading safety standards and years of proven deployment data, we're pioneering a new era of automation that enhances human potential.

About Agility Robotics

Agility Robotics is pioneering the field of humanoid robots, designing systems like Digit to safely and adaptively work alongside people in environments built for people, such as logistics and manufacturing. Our mission is to make businesses more productive and people's lives more fulfilling by delivering robots with advanced mobility, intelligence, and efficiency. To support this rapid scaling, we are currently managing massive growth, expanding our robot fleet from 100 to 1,000 and growing our staff from 300 to 500. This expansion is critical to capitalizing on the humanoid robot market, which is projected to reach $15.3 billion by 2030.

Our flagship product is the bipedal robot Digit (currently v4), which handles payloads up to 35 pounds, and our cloud-based platform, Agility Arc, which allows businesses to deploy, monitor, and scale robot fleets.

About The Role

As a Staff Application Security Engineer, you will be crucial in integrating security controls directly into our software development lifecycle (SDLC). This role is vital for reducing the exposure of proprietary code and minimizing application-layer vulnerabilities within our robot software, cloud platform (Agility Arc), and internal tools, thereby preventing expensive, post-deployment incidents.

You will join a growing Security and Networking team focused on securing a tenfold increase in our network and application attack surface, while preparing the company for external compliance initiatives like SOC 2 and ISO 27001.

Key Responsibilities

• Security Development Lifecycle (SDLC) Integration: Drive the implementation of security practices throughout the entire software development process, from design review through deployment.
• Application Security Testing: Perform offensive penetration testing and defensive (Blue Team) testing on web applications, internal services, and robot-side software to identify and remediate vulnerabilities.
• Automation and Tooling: Implement and manage security tools, including Static Application Security Testing (SAST) or Dynamic Application Security Testing (DAST) or runtime vulnerability assessments, and Software Bill of Materials (SBOM) systems. Implementation of these systems using tools such as JFrog Artifactory, GitHub Advanced Security, Datadog, Wiz or Snyk.
• Code Review and Governance: Define and enforce security policies for source code, including mandatory GitHub security practices and review procedures.
• Vulnerability Management: Manage the lifecycle of identified vulnerabilities, prioritizing remediation efforts based on risk to the fleet, proprietary code, and cloud infrastructure.
• Collaboration: Partner with development, platform, and infrastructure teams to ensure security requirements are met without hindering engineering velocity.

Required Qualifications

• 8+ years of dedicated, hands-on experience in Application Security (AppSec) engineering or a related Staff-level security role.
• Demonstrated expertise in Application Security engineering with programming skills.
• Proven hands-on experience implementing security controls in CI/CD pipelines and source control systems (e.g., GitHub, GitLab).
• Experience with penetration testing, vulnerability scanning and offensive and defensive security (Red Team/Blue Team) practices.
• Proficiency in at least one modern programming language (e.g., Python, Go, C++).
• Strong understanding of security best practices for cloud-native, microservice, and distributed systems architecture.
• Experience with cloud security such as AWS or GCP
• Kubernetes experience integrating security controls into K8s environments. 
• Experience leading and mentoring security engineers.

Preferred Experience

• Experience in a rapidly scaling organization (IoT or robotics experience is a plus).
• Experience with AI for coding (such as Claude Code) or AI for application security protection (such as AI in security tooling) is a plus.

This is a fully remote role with the option to work hybrid if a commutable distance from our Salem, OR, Pittsburgh, PA, or Fremont, CA offices.

The final salary offered to a successful candidate will be dependent on several factors that may include but are not limited to: market location, job-related knowledge, skills, and experience. This range may change based on geographical location and may be modified in the future.

In addition to base pay, our competitive total rewards package consists of the following for full-time employees:

• 401(k) Plan: Includes a 6% company match.
• Equity: Company stock options.
• Insurance Coverage: 100% company-paid medical, dental, vision, and short/long-term disability insurance for employees.
• Benefit Start Date: Eligible for benefits on your first day of employment.
• Well-Being Support: Employee Assistance Program (EAP).
• Time Off:
  • Exempt Employees: Flexible, unlimited PTO and 12 company holidays, including a winter shutdown.
  • Non-Exempt Employees: 10 vacation days, paid sick leave, and 12 company holidays, including a winter shutdown, annually.
• On-Site Perks: Catered lunches four times a week and a variety of healthy snacks and refreshments at our Salem and Pittsburgh locations.
• Parental Leave: Generous paid parental leave programs.
• Work Environment: A culture that supports flexible work arrangements.
• Growth Opportunities: Professional development and tuition reimbursement programs.
• Relocation Assistance: Provided for eligible roles.
• Annual Discretionary Bonus: Provided for eligible roles.

All of our roles are U.S.-based. Applicants must have current authorization to work in the United States.

Agility Robotics is committed to a work environment in which all individuals are treated with respect and dignity. Each individual has the right to work in a professional atmosphere that promotes equal employment opportunities and prohibits unlawful discriminatory practices, including harassment. Therefore, it is the policy of Agility Robotics to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, age, disability, marital status, citizenship, national origin, genetic information, or any other characteristic protected by law. Agility Robotics prohibits any such discrimination or harassment.

Agility Robotics does not accept unsolicited referrals from third-party recruiting agencies.  We prioritize direct applicants and encourage all qualified candidates to apply directly through our careers page.  If you are represented by a third party, your application may not be considered.  To ensure full consideration, please apply directly.

Apply Now: https://grnh.se/b444bbd04us