×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Security Manager

Cybersecurity Engineer Sr- Application Security

Job in Providence, Providence County, Rhode Island, 02912, USA
Listing for: UNFI
Full Time position
Listed on 2026-02-16
Job specializations:
  • IT/Tech
    Cybersecurity, Security Manager
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

Job Overview

The Senior Cybersecurity Engineer (Application Security) is responsible for protecting our organization’s software applications and services from threats by embedding security practices into the software development lifecycle (SDLC). The role functions as part of the cybersecurity operations team and collaborates cross-functionally with Application Development, Threat Intelligence, Vulnerability Management, Threat Emulation and Security Architecture teams to identify vulnerabilities, perform assessments, to build secure applications and promote a culture of security.

This position plays a critical role in safeguarding sensitive data, maintaining compliance, and reducing application‑layer risk in cloud, web, mobile and API environments. The role is expected to independently lead engagements from conception to completion, communicate technical details to partners and senior leadership, mentor junior staff, and provide technical direction to the program.

Job Responsibilities
  • Conduct security-focused code reviews, static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), and interactive application security testing (IAST)
  • Triage and prioritize findings from automated security scans and penetration testing results; provide actionable remediation guidance to developers
  • Collaborate with software development teams to integrate security tools and best practices into CI‑CD pipelines (e.g., secret scanning, dependency checking, secure coding standards)
  • Develop and maintain security tools, scripts, frameworks, and automation to scale application security efforts
  • Support vulnerability assessments, penetration testing, and red team exercises on applications
  • Provide security consulting and training to development teams on secure coding practices, common vulnerabilities (e.g., OWASP top 10), and emerging threats
  • Monitor emerging application security trends, vulnerabilities (e.g., CVEs), and attack techniques; contribute to incident response when application exploits occur
  • Ensure applications align with relevant standards and regulations (e.g., NIST, OWASP, PCI‑DSS, SOC
    2)
  • Create and update security documentation, policies and threat models as needed
  • Compile and analyze data for management reporting and metrics as directed
  • Demonstrate expert-level knowledge and skills in the technical, process, organizational, and philosophical aspects of application security
  • Perform other duties as assigned
Job Requirements Education / Certifications
  • BA/BS in Computer or Cybersecurity domain
  • Relevant certifications such as OSCP, GWAPT, CSSLP, CEH, CISSP, or cloud security certs (e.g., AWS Security Specialty)
Experience
  • 6+ years of experience in application security, secure software development, penetration testing, or related cybersecurity roles, in a large, highly diverse, and distributed environment
  • Strong understanding of web application vulnerabilities, OWASP top 10, and secure coding principles
  • Proficiency in at least one or more programming languages (e.g., Python, Java, JavaScript, C#)
  • Hands‑on experience with App Sec tools such as:
    • SAST: SNYK, Veracode, Sonar Qube, Checkmarx, CodeQL
    • DAST: SNYK, OWASP ZAP, Burp Suite, Veracode
    • SCA:
      Snyk, Dependabot, Black Duck, OWASP Dependency‑Check
    • Other:
      Wiz, Git Hub Advanced Security, or similar
  • Familiarity with cloud platforms (AWS, Azure, GCP) and container/orchestration technologies (Docker, Kubernetes)
  • Experience with Dev Sec Ops  practices and integrating security into CI‑CD pipelines
  • Knowledge of secure SDLC methodologies, threat modeling (e.g., STRIDE, PASTA), and secure design patterns
Knowledge / Skills / Abilities
  • Excellent written, verbal, and interpersonal communication skills – able to explain technical security issues to non-technical stakeholders and collaborate effectively with developers
  • Analytical mindset with strong problem‑solving abilities
  • Proactive, detail‑oriented, and able to manage multiple priorities
  • Ability to translate technical findings into actionable insights
  • Ability to mentor junior staff and transfer technical knowledge as well as contribute to the team’s knowledge sharing
  • Strong independent…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search