More jobs:
Security Engineer - Application Security
Job in
Owensboro, Daviess County, Kentucky, 42301, USA
Listed on 2026-06-17
Listing for:
Fragomen
Full Time
position Listed on 2026-06-17
Job specializations:
-
IT/Tech
Cybersecurity, Systems Engineer, Security Manager
Job Description & How to Apply Below
Our industry-leading, immigration specific software and supporting infrastructure is undergoing tremendous transformation and security is on the critical path to success in that endeavor. A professional, who is passionate about security, capable of effecting change, and ready to build a strong App Sec program, is what we seek. You will be joining a small team of Security Engineers who make security a distinguishing factor in our technological offerings.
A successful candidate will help engineer solutions to secure software development, identify threats and mitigate vulnerabilities throughout our environment.
What an Application Security Engineer does at Fragomen:
Build, deploy and maintain tooling to validate and track security controls in and around our code
Work closely with application development and infrastructure architectural teams to create code which is secure by design and default
Triage programmatic source code findings and automate penetration testing to decrease potential introduction of vulnerabilities
Lead and collaborate with developers on secure coding techniques and threat modeling
Contribute to vulnerability detection and remediation of technological offerings
Deploy developed or OTS security applications to support our efforts
Participate in a cross-functional response to cyber security incidents
Work closely the security team to establish prevention, detection and mitigation techniques
Support the scoping and rules of engagement of our penetration testing regime
Let’s talk if you have the following experience, knowledge, skills and education:
A passionate team player who builds knowledge and solves complex problems5+ years of web application development (.net, python, java, etc.)Secure SDLC (Software Development Life Cycle), DAST (Dynamic Application Security Testing), and SAST (Static Application Security Testing) experience
Demonstrated understanding of web application penetration testing, secure coding and source code analysis
Strong, professional communication skills that maintain under pressure
These things are great, but not required:
Experience in developing highly automated detection and triage tools
Deep understanding of cyber security techniques
Technical certification demonstrating technical prowess in secure software development e.g. Certified Secure Software Lifecycle Professional (CSSLP), or Certified Application Security Engineer (CASE) or similarBA degree in a related field or a combination of related experience is a must
All offers and/or employment contracts are contingent upon the successful completion of the Firm’s pre-employment screening process. This process may include verifying the candidate’s identity, confirming legal authorization to work in the offered position’s location, and conducting a comprehensive background check, where permitted by local regulations. We use limited AI‑assisted tools for administrative screening purposes only - never for decision‑making. All hiring decisions are made by people.
Applicants may have rights to information and explanations regarding the use of such tools, or request human review, as required by applicable regional laws.
#J-18808-Ljbffr
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×