Application Security Engineer

Application Security Engineer

Join our growing security team as a highly motivated and experienced Application Security Engineer. This technical role requires a solid understanding of application security and privacy, secure coding practices, and secure system configurations. The engineer will ensure that every step of the software development lifecycle follows security best practices, conduct security assessments with SAST/DAST tools, review source code, perform threat modeling, and design secure development practices.

• Conduct security assessments that require expertise of our organization’s applications using both SAST and DAST methodologies.
• Collaborate with software development teams to integrate security into the development life cycle.
• Conduct security assessments of web, mobile, and other applications.
• Analyze security assessment results to identify security vulnerabilities and provide guidance on remediation.
• Design and implement secure software development practices, including threat modeling, secure coding standards, and code review.
• Stay current with security threats, trends, and technologies, and recommend new security controls as needed.
• Conduct application security investigations and provide recommendations to mitigate risk.
• Maintain security documentation, provide subject matter expertise, and collaborate on security policies, procedures, and standards.

Performs other duties as assigned.

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5+ years experience with OWASP, SAST, DAST, SCA, RASP, and common security tools.
• 7+ years experience in application security, security engineering, software development, or a related field.
• 5+ years experience with secure coding practices, threat modeling, and SDLC methodologies.
• 5+ years experience diagnosing, isolating, resolving complex issues and recommending or implementing strategies to resolve problems.
• 5+ years experience with systems integration processes, methodology and tools.
• 7+ years development and scripting experience.
• 5+ years professional application security role experience.
• 5+ years experience with API and Web Security.
• 3+ years experience with WAF or similar application security infrastructure (preferred).
• 7+ years experience in integrating security in CI/CD and Dev Ops.
• 6+ years process or operation management, Value Stream Mapping, Continuous Flow, Pull Replenishment, and other process improvement experience.

• Excellent communication skills, verbal and written, and ability to work effectively with cross‑functional teams.
• Ability to create and maintain professional relationships within all levels of the organization.
• Ability to work independently and as a member of a team.
• Flexibility to operate and self‑driven to excel in a fast‑paced environment.
• Proficiency in at least one programming language (Python, .NET, JavaScript; .NET preferred).
• Proficiency in at least one common scripting language (Power Shell, Bash, etc.).
• Familiarity with NIST framework, PCI, ISO 27001, SOC, SOX, CCPA, GDPR and global regulations.
• Expert CI/CD experience with Azure Dev Ops, Terraform or other automation and integration technologies.
• Advanced risk management findings, vulnerability prioritization, threat modeling, and mitigation strategy.

CISSP, OSCP, CASE, or other industry‑leading certifications preferred.

1–10% travel.

Pay Type:

Salaried.

Minimum Pay Range: $

Maximum Pay Range: $

Full‑time positions offer comprehensive health and welfare benefits, including medical, prescription, dental, vision, life insurance, disability insurance, paid time off (vacation, illness, bereavement, family and parental leave), and a tax‑advantaged 401(k) retirement savings plan.

We are an Equal Opportunity Employer and a drug‑free workplace. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with a disability.