Job Application for Senior Application Cybersecurity Engineer at Gallup

tags.new

Anticipate attacks, outsmart threats and safeguard innovation.

Gallup is seeking a senior application cybersecurity engineer who thrives at the intersection of engineering and security. You’ll partner with development teams to build secure by design applications, lead threat modeling efforts and strengthen our AWS cloud environments. This role offers the autonomy to innovate, the responsibility to safeguard critical systems and the opportunity to leave a lasting impact on how security scales across Gallup.

What You’ll Do

Review and advise on secure design for web applications, APIs, CI/CD pipelines and AWS services
Lead and facilitate threat modeling (e.g., STRIDE, attack trees) to proactively identify risks
Partner with development teams to embed secure coding, conduct reviews and integrate security controls into pipelines
Perform and interpret application security testing, such as SAST, SCA, DAST, mobile, web and API penetration
Manage cloud security posture (CSPM) across AWS environments
Build and monitor AppSec-specific logs, alerts and dashboards
Develop tools, processes and playbooks that make secure by design scalable
Respond to urgent security incidents and coordinate with legal, security and engineering teams
Share knowledge and foster security awareness across engineering teams

What Makes You Stand Out

Clear communication: You turn complex risks into clear, actionable guidance.
Self-starter mindset: You thrive working independently while knowing when to pull in others.
Impactful speed: You move quickly without cutting corners, ensuring durable results.
Adaptive focus: You stay effective across shifting priorities and varied demands.
Calm under pressure: In urgent incidents, you bring clarity and steadiness.
Persistence and precision: You solve tough security challenges with practical, scalable solutions.

What You Need

Bachelor’s degree in cybersecurity, information assurance, computer science or a related field required
At least five years of experience in enterprise application security engineering required
Hands-on experience with threat modeling, secure web/API design and penetration testing required
Proficiency with SAST, SCA, code reviews and DevSecOps pipelines required
Strong programming or scripting skills in at least one language (e.g., Python, JavaScript, C#, Java) required
Familiarity with AWS security best practices and Splunk preferred
Certifications such as OSWE, OSCP, GWAPT and GXPN preferred
A commitment to working on-site at Gallup’s San Francisco office at least three days a week required

About Gallup

At Gallup, we change the world, one client at a time, through extraordinary analytics and advice on everything important facing humankind.

Gallup offers a robust benefits package that includes medical, dental, vision, life and other insurance options; a fully vested 401(k) retirement savings plan with company matching; an employee stock ownership program; mass transit reimbursement; family-building benefits; an employee assistance program; and various reimbursements and activities that enhance our associates’ wellbeing. We also offer an estimated annual salary range of $150,000-$200,000 for this role. Salaries are based on a variety of factors, including an individual’s education, experience and skills.

Gallup is an equal opportunity employer. We consider all qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status, sexual orientation, gender identity, or any other legally protected basis, in accordance with applicable law.

To review Gallup’s Privacy Statement, please click this link: https://www.gallup.com/privacy. This privacy policy is meant to help you understand what information we collect, why we collect it, and how you can update, manage and delete your information. Your application and the information you provide will be processed and stored in the United States.

Create a Job Alert

Interested in building your career at Gallup? Get future opportunities sent straight to your email.

First Name

Last Name

Preferred First Name

Country

Phone

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf

Cover Letter

Accepted file types: pdf, doc, docx, txt, rtf

School

Select...

Degree

Select...

LinkedIn Profile

Country

Select...

Address Line 1

Address Line 2

City

State

Select...

If you were referred by a Gallup associate, please provide their name.

Please indicate which languages you speak in addition to English:

Select...

Please indicate your highest completed level of education.

Select...

How many years of professional experience do you have in enterprise application security engineering?

Select...

Do you have professional experience with threat modeling, secure web/API design and penetration testing?

Select...

Please indicate your level of proficiency in SAST, SCA, code reviews and DevSecOps pipelines:

Select...

Are you proficient in programming or scripting in at least one language (e.g., Python, JavaScript, C#, Java)?

Select...

Please indicate with which language(s) you are proficient:

Please list any relevant certifications:

Are you familiar with AWS security best practices?

Select...

Are you familiar with Splunk?

Select...

Will you be able to work on-site in San Francisco at least three days a week?

Select...

What are your career plans?

What are your total annual salary requirements, including bonus or other forms of compensation? Please include a specific number or range.

Are you legally authorized to work in the country of employment?

Select...

Will you now, or will you at any time in the future, require sponsorship for an employment visa (e.g., H-1B visa status)?

Select...

Have you completed an application for any other opportunities at Gallup within the last 2 years?

Select...

Have you ever been employed by Gallup before?

Select...

Are you a U.S. federal government, foreign government, or United Nations employee, or have you worked for the U.S. federal government, foreign government, or United Nations in the past 24 months?

Select...

If you are a present or former employee of the US Government in the past 24 months, have you acted for or advised with respect to a Federal agency procurement, or have you had access to procurement bid, proposal information, or source selection information on a project Gallup was or is bidding on, or have you worked on any project where Gallup was providing services to your federal agency?

Select...

The application statement shall constitute a part of any employment application I may submit to Gallup. I understand that I will be subject to dismissal if anything is found to be false. I understand that nothing contained in the employment or in the granting of any interview is intended to create an employment contract between Gallup and myself for either employment or for the providing of any benefit. I understand that no promises regarding employment have been made to me. I understand that if I am employed by Gallup, I will enter into a separate employment contract, the terms and conditions of which will govern my employment. This understanding cannot be changed except in writing by an authorized Gallup official. Gallup’s rights as explained in this form shall not be modified or limited to an oral representation by any Gallup representative, or by any written provisions contained in any Gallup literature, newspaper or other advertisement, policy manual, or employment guidelines.

Select...

Voluntary Self-Identification

For government reporting purposes, we ask candidates to respond to the below self-identification survey. Completion of the form is entirely voluntary. Whatever your decision, it will not be considered in the hiring process or thereafter. Any information that you do provide will be recorded and maintained in a confidential file.

As set forth in Gallup’s Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law.

Gender

Select...

Are you Hispanic/Latino?

Select...

Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.

Veteran Status

Select...

Voluntary Self-Identification of Disability

Form CC-305

Page 1 of 1

OMB Control Number 1250-0005

Expires 04/30/2026

Why are you being asked to complete this form?

We are a federal contractor or subcontractor. The law requires us to provide equal employment opportunity to qualified people with disabilities. We have a goal of having at least 7% of our workers as people with disabilities. The law says we must measure our progress towards this goal. To do this, we must ask applicants and employees if they have a disability or have ever had one. People can become disabled, so we need to ask this question at least every five years.

Completing this form is voluntary, and we hope that you will choose to do so. Your answer is confidential. No one who makes hiring decisions will see it. Your decision to complete the form and your answer will not harm you in any way. If you want to learn more about the law or this form, visit the U.S. Department of Labor’s Office of Federal Contract Compliance Programs (OFCCP) website at www.dol.gov/ofccp.

How do you know if you have a disability?

A disability is a condition that substantially limits one or more of your “major life activities.” If you have or have ever had such a condition, you are a person with a disability. Disabilities include, but are not limited to:

Alcohol or other substance use disorder (not currently using drugs illegally)
Autoimmune disorder, for example, lupus, fibromyalgia, rheumatoid arthritis, HIV/AIDS
Blind or low vision
Cancer (past or present)
Cardiovascular or heart disease
Celiac disease
Cerebral palsy
Deaf or serious difficulty hearing
Diabetes
Disfigurement, for example, disfigurement caused by burns, wounds, accidents, or congenital disorders
Epilepsy or other seizure disorder
Gastrointestinal disorders, for example, Crohn's Disease, irritable bowel syndrome
Intellectual or developmental disability
Mental health conditions, for example, depression, bipolar disorder, anxiety disorder, schizophrenia, PTSD
Missing limbs or partially missing limbs
Mobility impairment, benefiting from the use of a wheelchair, scooter, walker, leg brace(s) and/or other supports
Nervous system condition, for example, migraine headaches, Parkinson’s disease, multiple sclerosis (MS)
Neurodivergence, for example, attention-deficit/hyperactivity disorder (ADHD), autism spectrum disorder, dyslexia, dyspraxia, other learning disabilities
Partial or complete paralysis (any cause)
Pulmonary or respiratory conditions, for example, tuberculosis, asthma, emphysema
Short stature (dwarfism)
Traumatic brain injury

Disability Status

Select...

PUBLIC BURDEN STATEMENT: According to the Paperwork Reduction Act of 1995 no persons are required to respond to a collection of information unless such collection displays a valid OMB control number. This survey should take about 5 minutes to complete.

Senior Application Cybersecurity Engineer

Apply for this job

Voluntary Self-Identification

Voluntary Self-Identification of Disability