Application Security Engineer

ABOUT LVT

LVT is redefining how businesses operate in the physical world, moving beyond traditional security solutions to deliver AI-driven, actionable intelligence that makes sites smarter, safer, and more secure. Since pioneering our first mobile, solar-powered units, our commitment to scrappy, hands-on innovation has made us an established leader and one of the fastest-growing companies in intelligent site technology. We are building the next generation of solutions—from our physical units in the field to a powerful Agentic AI platform—that allows our customers to gain unprecedented visibility and control over safety, compliance, and operations. This is your chance to join a cutting-edge team that isn't just watching the world change, but actively building the technology that is changing it.

We’re a team that’s focused on growth and innovation, and we’re proud that our crew, products, and leadership are being recognized for it.

• A Top-Tier Growth Company: Named one of the Financial Times’ Fastest Growing Companies 2025 and #10 on the Inc. 5000 Rocky Mountain Regional list for 2025.
• Innovative Leadership: Our CEO, Ryan Porter, was named an EY Entrepreneur of the Year 2025, and our CTO, Steve Lindsey, was inducted into the Silicon Slopes CTO Hall of Fame in 2024.
• Product & Software Excellence: We were named one of The Software Report’s Top 100 Software Companies of 2023 and are a winner of the Security Today Govies Award for 2025.

ABOUT THIS ROLE

As an Application Security Engineer at LVT, you will be a cornerstone of our commitment to building secure-by-design technology. You will partner deeply with our Engineering and Product teams to weave advanced security protocols into every layer of our Software Development Lifecycle (SDLC). This isn’t just about finding bugs; it’s about architecting a proactive security culture and scaling our defenses alongside our rapid growth. You will serve as a technical expert, mentor, and advocate, ensuring our AI-driven platform remains as resilient as it is innovative.

This role is based in-office out of our Headquarters in American Fork, Utah.

ROLE RESPONSIBILITIES

• Strategic Integration: Partner with Product and Engineering to embed reproducible, high-standard security practices directly into the SDLC.
• Defense Engineering: Develop and maintain sophisticated manual and automated security processes to identify, evaluate, and mitigate risks across our software ecosystem.
• Offensive Security: Lead proactive security initiatives including threat modeling, deep-dive code reviews, and offensive security exercises/penetration testing.
• Vulnerability Management: Architect and manage the deployment of vulnerability scanning tools, driving the remediation process to ensure rapid resolution of identified issues.
• Policy Stewardship: Assist in the development and continuous improvement of secure development policies and procedural documentation.
• Technical Translation: Communicate complex vulnerability details and risk assessments to both technical and non-technical stakeholders, ensuring organizational alignment.
• Security Culture: Mentor junior team members and foster a strong, transparent security culture across the company.
• Impact Measurement: Success in this role is measured by the reduction of critical vulnerabilities in production, the speed of remediation cycles, and the successful adoption of security tools by the broader engineering team.

OUR IDEAL CANDIDATE

• Proven Experience: At least 2+ years of professional experience in an Information Security role with a focus on modern application environments.
• Cloud Proficiency: 2+ years of hands-on security experience with AWS and other cloud service platforms.
• Modern Stack Familiarity: Comfortable navigating common web languages and frameworks such as HTML, PHP, Node.js, React.js, Nest.js, and Next.js.
• Pipeline Expertise: A solid understanding of CI/CD tools including GitHub, Docker, Jfrog, CircleCI, and ArgoCD.
• Technical Depth: A comprehensive understanding of common application vulnerabilities (OWASP Top 10) and the tools used to combat them (SAST, DAST, SCA).
• IT Foundations: Strong grasp of IT fundamentals, including operating systems, networking protocols, and the OSI model.
• Compliance Awareness: Familiarity with security frameworks such as CIS, NIST, or ISO/IEC 27001.
• Exceptional Communicator: Ability to articulate risk with clarity and professional poise, maintaining high levels of personal integrity.
• Preferred Credentials: A degree in IT/Security or industry certifications such as Security+, OSCP, GPEN, or ITCA are highly valued.
• Regulatory Experience: Prior experience working within compliance frameworks like SOC2 or FedRAMP is a plus.

BENEFITS

We believe you do your best work when your whole life is supported. We invest in our crew’s health, families, and financial futures with a benefits package designed to support you inside and outside the office.

LVT IS PROUD TO BE AN EQUAL OPPORTUNITY EMPLOYER. 

All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status. All candidates must pass a drug screening and background check upon employment. Some roles may also require passing a federal background check and fingerprinting. Must be authorized to work in the U.S. If reasonable accommodation is needed to participate in the job application or interview process, and/or to perform essential job functions, please reach out to your recruiter.