Application Security Engineer Vulnerability Operations (Mid-Level)
Role details
Job description
The Application Security Engineer supports and enhances enterprise-wide vulnerability management and secure-development processes. This role works closely with engineering teams and the Application Security Champion community to operationalize AppSec controls, improve scan coverage, triage vulnerabilities, and guide remediation across applications. The engineer also contributes to automation, governance workflows, and continuous improvement initiatives within the Vulnerability Operations program.

Application Security Operations
- Execute and improve SAST, DAST, SCA, and secrets-scanning workflows across CI/CD pipelines.
- Analyze and triage vulnerabilities; coordinate remediation with product teams and Application Security Champions.
- Ensure accurate tracking and SLA adherence using ServiceNow AVR workflows.

AppSec Champion & Engineering Coordination
- Partner with the Application Security Champion team to share best practices, communicate emerging vulnerabilities, and strengthen decentralized security maturity.
- Support Champions in understanding new control requirements and tool adoption.

Automation & CI/CD Integration
- Implement and refine CI/CD pipeline integrations for application security scanning tools.
- Contribute to policy-as-code rules, scanning templates, and automation scripts to improve efficiency.
- Assist in enabling Tier 3 gating (merge prevention/build failures) for high-risk policy violations.

Governance, Reporting & Visibility
- Maintain dashboards, risk indicators, and quarterly migration trackers.
- Provide weekly operational summaries and support preparation of executive-level reports.
- Participate in risk review discussions, providing clear documentation of impacts and mitigations.
Requirements
- Bachelor's degree in Computer Science, Cybersecurity, Engineering, or equivalent practical experience.
- 4-6 years of experience in Application Security, Vulnerability Management, or secure software development.
- Working knowledge of modern vulnerability classes (OWASP Top 10, API Security Top 10, supply chain risks).
- Hands-on experience with SAST, DAST, SCA, or related security scanning tools integrated into CI/CD pipelines.
- Familiarity with SDLC processes and secure coding principles.
- Experience using workflow/ticketing systems (ServiceNow, JIRA).
- Strong interpersonal and communication skills for working with engineering teams and AppSec Champions.

Preferred Qualifications:
- Experience with ServiceNow AVR automation or dashboarding.
- Scripting experience (Python, Bash, PowerShell) for automation and tooling improvements.
- Background in cloud-native environments (AWS, Azure, or GCP).
- Certifications such as GWAPT, CSSLP, Security+, or equivalent.
Benefits & conditions
- $45.00 per hour