×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Application Security Engineer, Vice President

Job in Hoboken, Hudson County, New Jersey, 07030, USA
Listing for: MUFG Bank, Ltd.
Full Time position
Listed on 2026-06-17
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

Job Summary

This role focuses on comprehensive application security testing and vulnerability management across the software development lifecycle. It involves conducting automated and manual scans using tools such as Invicti, Veracode, and Burp Suite to identify and remediate security flaws in application code and open‑source components. The position requires strong collaboration with development and Dev Ops teams, secure coding expertise in Java and Python, scripting, and adherence to compliance frameworks including NIST, PCI‑DSS, and SOX.

Objective:
Leverage deep expertise in application security testing, secure coding, and vulnerability management to enhance the security posture of enterprise applications. Proactively identify and remediate security risks, integrate security into Dev Ops workflows, and ensure compliance with industry standards, while fostering a collaborative environment that empowers development teams to build secure software from the ground up.

Major Responsibilities
  • Application Security Testing & Analysis
    • Conduct DAST scans using Invicti to identify vulnerabilities in applications.
    • Conduct SAST scans using Veracode to identify vulnerabilities in source code.
    • Conduct SCA scans using Veracode to identify vulnerabilities in open‑source components.
    • Compare SAST and DAST results to ensure comprehensive vulnerability coverage.
    • Analyze scan results, identify root causes, and collaborate with developers to implement effective remediations.
    • Integrate security testing into CI/CD pipelines and Dev Ops workflows.
    • As needed, conduct manual verification and authenticated scans using Burp Suite to reduce false negatives.
  • Software Development & Secure Coding
    • Understand and evaluate vulnerabilities in Java, .NET, Python, and other application codebases.
    • Partner with development teams to remediate security flaws and reinforce secure coding practices.
    • Provide guidance on OWASP Top 10 and SANS Top 25 vulnerabilities, including how they arise and how to prevent them.
    • Write scripts and code in Java and Python as needed for security engineering and automation.
  • Vulnerability Management & Compliance
    • Ensure required DAST, SAST, and SCA release and periodic scanning occurs and findings are addressed within SLA.
    • Review and approve false positives and mitigated‑by‑design requests for DAST, SAST, and SCA.
    • Review and approve SDLC tasks (MME and SbD MUFG processes) for DAST, SAST, and SCA.
    • Maintain compliance with NIST, PCI‑DSS, FFIEC, SOX, and CIS security frameworks.
    • Store and organize security artifacts in archives following standardized documentation practices.
  • Security Collaboration & Process Improvement
    • Work closely with developers, Dev Ops teams, and application owners to secure software across all stages of the SDLC.
    • Automate security scanning processes via scripting and improve reporting capabilities.
    • Stay updated on exploitation techniques, security research, and industry best practices.
Qualifications
  • Relevant security certifications (e.g., OSCP, OSWE, GWAPT, CEH) are highly desirable.
  • 5+ years of experience in application security, secure development, DAST, and SAST.
  • Hands‑on experience with DAST tools such as Invicti (Netsparker), App Scan, Burp Suite, Acunetix.
  • Experience with SAST tools such as Veracode and Fortify.
  • Hands‑on experience performing manual testing with Burp Suite.
  • Strong knowledge of web security vulnerabilities (OWASP Top 10, SANS Top 25, ITRE ATT&CK).
  • Strong software development experience with Java and Python (and/or .NET); comfortable writing production‑quality code and scripts for security engineering and automation is required.
  • AI/ML security experience (e.g., securing LLM‑enabled applications, testing for prompt injection and data leakage, and evaluating model/dependency supply chain risk) is preferred.
  • Familiarity with secure software development life cycle (SSDLC) and CI/CD pipelines.
  • Experience with cloud security (AWS, Azure, Oracle Cloud) is a plus.
  • Scripting skills (Python, Bash, Power Shell) to automate security tasks.
  • Soft skills:

    Collaborate effectively with developers and provide security guidance in a constructive manner, communicate clearly through technical reporting and vulnerability…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search