Currently Empty: $0.00
Application Security Engineer
Salary- $90K/yr - $120K/yr
Remote
Posted 1 month ago
Job Description
We are seeking a skilled Application Security Engineer to join our cybersecurity team. The Application Security Engineer will be responsible for ensuring the security of software applications throughout the Software Development Life Cycle (SDLC). This role involves identifying security vulnerabilities, performing security assessments, integrating security controls into development processes, and collaborating with software engineers to build secure applications.
The ideal candidate will have experience in secure coding practices, application security testing, DevSecOps, and vulnerability management. You will play a critical role in protecting enterprise applications from cyber threats while supporting secure software development initiatives.
Key Responsibilities
Application Security Assessments
- Perform application security reviews and risk assessments.
- Conduct Static Application Security Testing (SAST).
- Conduct Dynamic Application Security Testing (DAST).
- Perform Interactive Application Security Testing (IAST).
- Identify and validate application vulnerabilities.
- Prioritize remediation activities based on risk.
Secure Software Development
- Collaborate with development teams to implement secure coding practices.
- Integrate security requirements into the SDLC.
- Review source code for security weaknesses.
- Provide guidance on secure application architecture.
- Support threat modeling activities during application design.
Vulnerability Management
- Analyze security findings from automated and manual testing.
- Track and manage application vulnerabilities.
- Verify remediation efforts and security fixes.
- Maintain vulnerability metrics and reporting.
- Support penetration testing activities.
DevSecOps & Automation
- Integrate security tools into CI/CD pipelines.
- Automate application security testing processes.
- Implement security gates for software releases.
- Support secure containerization and cloud-native applications.
- Improve security monitoring and alerting capabilities.
Compliance & Governance
- Ensure applications meet security and compliance requirements.
- Support security audits and assessments.
- Maintain application security policies and standards.
- Assist in regulatory compliance initiatives.
- Promote security awareness among development teams.
Collaboration & Incident Support
- Work closely with Software Engineers, DevOps Engineers, and Security Teams.
- Participate in incident investigations involving application security issues.
- Provide technical security recommendations to stakeholders.
- Contribute to security training and knowledge-sharing initiatives.
Required Qualifications
- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, Software Engineering, or a related field.
- 3+ years of experience in Application Security, Software Security, or Cybersecurity.
- Experience with secure coding principles and SDLC processes.
- Strong understanding of web application security concepts.
- Experience conducting vulnerability assessments and code reviews.
- Knowledge of authentication, authorization, and access control mechanisms.
- Strong analytical and problem-solving skills.
Preferred Qualifications
- Experience with DevSecOps practices.
- Knowledge of cloud security (AWS, Azure, GCP).
- Familiarity with container security and Kubernetes.
- Experience in threat modeling.
- Knowledge of API security and microservices security.
- Security certifications are highly preferred.
Technical Skills
Security Testing
- SAST
- DAST
- IAST
- Software Composition Analysis (SCA)
- Penetration Testing
- Vulnerability Assessment
Programming Languages
- Python
- Java
- JavaScript
- C#
- C/C++
- Go
Security Tools
- Burp Suite
- OWASP ZAP
- Checkmarx
- Veracode
- Fortify
- SonarQube
- Snyk
- GitHub Advanced Security
Cloud & DevSecOps
- AWS Security Services
- Microsoft Azure Security
- Google Cloud Security
- Docker
- Kubernetes
- Jenkins
- GitHub Actions
- GitLab CI/CD
Security Frameworks
- OWASP Top 10
- OWASP ASVS
- NIST Cybersecurity Framework
- CIS Controls
- Secure SDLC
Soft Skills
- Strong Communication Skills
- Problem Solving
- Risk Assessment
- Team Collaboration
- Technical Documentation
- Critical Thinking
- Attention to Detail
Job Features
| Job Category | Cyber Security |




