Applications Security Engineer - Hybrid

As a Applications Security Engineer, you will design, implement, and operationalize application security controls that protect web, mobile, and cloud native applications across the enterprise. You will work closely with engineering, cloud, and release teams to embed security early in the development lifecycle, administer security tooling, and ensure applications are delivered securely, reliably, and in alignment with industry best practices., * Lead application security design and implementation across web, mobile, and cloud native services.

• Administer and optimize static code analysis tools and guide vulnerability remediation.
• Collaborate with development teams on secure design reviews, code analysis, and release readiness.
• Secure cloud native workloads including functions, APIs, identities, and storage resources.
• Integrate application security controls into CI/CD pipelines and DevSecOps workflows.
• Partner with change and release teams to align security controls with deployment schedules.
• Maintain and tune application layer protection technologies to balance security and performance.
• Provide risk based security guidance during project planning and architecture discussions.

• 3+ years of hands on application security experience across offense and defense practices.
• Strong experience with SAST and SCA tools and vulnerability lifecycle management.
• Solid understanding of OWASP Top Ten and secure coding remediation techniques.
• Hands on experience securing cloud native applications and serverless environments.
• Ability to read and review code in languages such as JavaScript, Java, Node.js, or Python.
• Experience integrating security into CI/CD pipelines and Agile delivery models.
• Strong collaboration, communication, and stakeholder engagement skills.
• Experience coordinating with release and change management teams in production environments.