Senior Application Security Engineer
New
Based in the United StatesFull-TimeSenior
Salary not disclosed
Apply NowOpens the employer's application page
Job Details
- Experience
- 5+ years
- Required Skills
- CI/CD
Requirements
- 5+ years of experience in application security, software engineering, or related cybersecurity roles, with strong exposure to SDLC environments.
- Deep understanding of application security domains including SAST, DAST, SCA, IAST, and RASP, and how they are operationalized in enterprise settings.
- Hands-on experience performing security testing using tools such as Burp Suite and modern AppSec platforms.
- Strong knowledge of cloud environments such as Amazon Web Services, Microsoft Azure, and Google Cloud, including serverless architectures.
- Experience with secure coding practices, API security, cryptographic fundamentals, and mitigation of common vulnerabilities aligned with OWASP Top 10.
- Ability to review and analyze codebases in multiple programming languages and communicate findings clearly to both technical and non-technical stakeholders.
- Strong communication skills with the ability to translate complex security risks into actionable guidance for clients.
- Experience working in Agile environments and managing multiple client engagements independently.
Responsibilities
- Lead implementation, configuration, and optimization of application security tools such as SAST, DAST, and SCA platforms across client environments.
- Conduct manual application and API security assessments, identifying vulnerabilities and recommending remediation strategies.
- Advise clients on secure SDLC practices, vulnerability management, and application security best practices aligned with frameworks such as OWASP.
- Support and troubleshoot client use of AppSec tooling including platforms like Veracode, Checkmarx, Snyk, and Invicti.
- Perform source code reviews across languages such as Java, Python, JavaScript, C#, and C++ to identify security vulnerabilities and design flaws.
- Collaborate with client engineering teams to integrate security tools into CI/CD pipelines such as Jenkins.
- Embrace emerging technologies, including AI-driven security tooling, to improve efficiency, detection, and remediation workflows.
View Full Description & ApplyYou'll be redirected to the employer's site
