Application Security Engineers

In this role, you will support our main application security group in reviewing internally developed and vendor-provided applications. You will conduct security assessments, integrate security tooling into automated pipelines, and serve as a critical bridge between security and our development teams., End-to-End AppSec Services: Manage intake, assessment scoping, and application team engagement.

Assessment Activities: Support and execute SAST, SCA, DAST, API security, and mobile security assessments, including onboarding, validation, reporting, and remediation guidance.

Vulnerability Management: Work closely with engineering teams to review findings, provide clear remediation advice, and efficiently reduce the AppSec backlog.

We are seeking two skilled Application Security Engineers who possess a powerful combination of strong software development fundamentals and dedicated application security expertise., Experience: 3 to 6 years of related experience across application security, DevSecOps, software engineering, security testing, or vulnerability management.

Strong Programming Background: A background in a strong development program with a solid foundation in programming. Experience in Java or Python is preferred, though similar languages (Ruby, Go, Node.js) are completely fine.

Application Security Expertise: Hands-on experience with secure coding knowledge, secure SDLC, SAST, DAST, SCA, and API security.

DevSecOps & Collaboration: Experience with CI/CD pipelines, GitHub, Jenkins, and Jira.

Communication: Ability to clearly explain vulnerabilities, risk, and technical remediation steps to both developers and business stakeholders.

Education: Bachelor's degree required; Master's degree preferred.