Senior Application Security Engineer

Allied Solutions, LLC
Carmel, United States of America
17 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Carmel, United States of America

Tech stack

Cloud Computing Security
Static Program Analysis
Continuous Integration
DevOps
Systems Development Life Cycle
Secure Coding
Software Engineering
Software Vulnerability Management
Web Applications
Delivery Pipeline
Software Security
Cyber Threat Analysis
GWAPT
Static Application Security Testing
Dynamic Application Security Testing

Job description

The Senior Application Security Engineer works closely with development teams to embed security practices across the SDLC. This role leads secure design reviews, conducts code-level assessments, integrates security automation into pipelines, and coaches developers on secure coding standards. The Senior AppSec Engineer partners cross-functionally to proactively manage software security risks., Technical Assessment and Security Review - 35%

  • Facilitate threat modeling workshops during application design phases.
  • Conduct secure code reviews and static analysis of internally developed codebases.
  • Guide vulnerability remediation planning for application security findings.

Secure Development and CI/CD Integration - 30%

  • Integrate AppSec tooling (SAST, SCA, DAST, secrets scanning, IaC scanning) into CI/CD pipelines.
  • Collaborate with DevOps teams to embed security testing within deployment pipelines.
  • Develop proof-of-concept secure coding examples and remediation guidance for developers.

Security Standards, Threat Intelligence, and Documentation - 20%

  • Monitor emerging application threats and recommend control adjustments.
  • Maintain security standards documentation and coding guidelines.

Mentorship and Compliance - 15%

  • Provide mentorship to junior AppSec team members.
  • Support regulatory compliance reviews related to application development.

Requirements

Do you have a Master's degree?, * Bachelor's degree or equivalent combination of education and experience required.

  • Master's degree preferred.
  • 8-10 years of work-related experience required.

Required Certification:

  • ISC² CCSLP (Certified Secure Software Lifecycle Professional)

Optional / Recommended Certifications:

  • GIAC GWAPT (GIAC Web Application Penetration Tester) - if not already obtained
  • Offensive Security OSWE (Offensive Security Web Expert)
  • GIAC GCSA (GIAC Cloud Security Automation)
  • ISC² CCSP (Certified Cloud Security Professional)
  • ISC² CGRC (Certified in Governance, Risk and Compliance)

Benefits & conditions

Pulled from the full job description

  • Health insurance
  • 401(k) matching
  • Paid time off
  • Vision insurance
  • Dental insurance
  • Life insurance
  • Disability insurance, We offer our employees a robust compensation package! Our comprehensive benefits include: medical, dental and vision insurance coverage; 100% company-paid life and disability coverage, 401k options with company match, three weeks PTO by the end of the first year and much more. Allied proudly promotes from within as part of a strong commitment to providing career growth opportunities for employees of all levels. Our diverse business portfolio allows employees broad career options with the advantage of staying with the same organization.

Apply for this position