Senior Application Security Engineer

Automatic Data Processing, Inc.
Alpharetta, United States of America
4 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Alpharetta, United States of America

Tech stack

Amazon Web Services (AWS)
Cloud Computing
Cloud Computing Security
Cloud Database
Computer Security
DevOps
Python
Node.js
Open Source Technology
Open Web Application Security
Systems Development Life Cycle
Prometheus
SQL Databases
Software Vulnerability Management
Sonatype
Software Security
Sonatype Nexus
Kubernetes
Information Technology
Tenable Nessus
Free and Open-Source Software
npm (Software)
Artifactory

Job description

We are seeking a Senior Application Security Engineer to secure our software supply chain by assessing, governing, and mitigating risks associated with open-source software. This role partners closely with engineering, DevOps, and security teams to drive secure OSS adoption at scale.

What You'll Do

  • Generate and analyze SBOMs and conduct OSS security assessments using tools like Snyk and Syft.

  • Evaluate and onboard security tools through POCs.

  • Build and operate cloud-based data pipelines to identify vulnerabilities, license risks, and supply chain threats.

  • Develop dashboards and reports to communicate security risk to engineering teams and leadership.

  • Design and integrate OSS security tooling, including JFrog Artifactory/Xray or Sonatype Nexus/Lifecycle.

  • Partner with engineering teams to guide secure open-source usage and remediation.

  • Support incident response efforts, including zero-day vulnerability management.

  • Create OSS security standards, documentation, and training materials.

Requirements

  • 7+ years of experience in cybersecurity, application security, or software supply chain security.

  • Hands-on experience with SBOMs, OSS scanning tools, and vulnerability management.

  • Experience with JFrog or Sonatype artifact repository platforms.

  • Strong background in cloud-native security and automation.

Skills & Technologies

  • Programming: Python; npm / Node.js ecosystems

  • Cloud & Platforms: AWS, Kubernetes, SQL

  • OSS & Supply Chain: JFrog Artifactory/Xray, Sonatype Nexus/Lifecycle

  • Reporting & Monitoring: Amazon QuickSight, Prometheus

Qualifications

  • Bachelor's degree in Computer Science, Information Security, or related field (or equivalent experience).

  • Knowledge of OWASP, NIST, and secure SDLC practices.

  • Strong communication and cross-functional collaboration skills.

  • Security certifications (CISSP, CSSLP, etc.) are a plus.

Primary qualification: Python, AWS + Kubernetes + SQL + Security certifications (CISSP, CSSLP, etc.) are a plus

About the company

**A little about ADP:** We are a comprehensive global provider of cloud-based human capital management (HCM) solutions that unite HR, payroll, talent, time, tax and benefits administration and a leader in business outsourcing services, analytics, and compliance expertise. We believe our people make all the difference in cultivating a down-to-earth culture that embraces our core values, welcomes ideas, encourages innovation, and values belonging. We've received recognition for our work by many esteemed organizations; learn more at ADP Awards and Recognition (https://www.adp.com/about-adp/awards-and-recognition.aspx).

**Ethics at ADP:** ADP has a long, proud history of conducting business with the highest ethical standards and full compliance with all applicable laws. We also expect our people to uphold our values with the highest level of integrity and behave in a manner that fosters an honest and respectful workplace. Click https://jobs.adp.com/life-at-adp/ to learn more about ADP's culture and our full set of values.
