Hiring For Lead Application Security Engineer @ Scotttsdale, AZ
Role details
Job location
Tech stack
Job description
We are seeking a Lead Application Security Engineer to drive secure software development practices while providing hands-on technical leadership across our application portfolio. This role combines deep expertise in Application Security with strong Software Engineering leadership, ensuring that security is embedded throughout the software development lifecycle.
The ideal candidate is a highly skilled engineer who can assess and remediate application vulnerabilities, establish secure coding standards, influence architectural decisions, and actively contribute to the design and development of modern applications built on Java, Spring Boot, Angular, and Microservices. This individual will serve as a trusted advisor to both engineering teams and leadership, championing solutions that balance security, performance, scalability, and business objectives., * Lead application security assessments, vulnerability management, and remediation efforts across enterprise applications.
- Perform and interpret SAST, DAST, and SCA scans using tools such as Veracode, Checkmarx, Fortify, or equivalent platforms.
- Identify, prioritize, and drive remediation of security vulnerabilities, providing guidance on secure coding practices.
- Design and implement security controls for REST APIs, including authentication, authorization, input validation, and data protection.
- Develop security standards, policies, and best practices aligned with OWASP and industry frameworks.
- Produce risk assessments, vulnerability reports, and executive-level security metrics.
- Participate in architecture and design reviews to proactively identify and mitigate security risks.
- Evaluate AI-generated code and leverage AI-assisted security tools to improve security operations and developer productivity.
- Support compliance, audit, and regulatory security requirements.
Engineering Leadership
- Provide technical leadership for application design, development, and delivery.
- Serve as a hands-on contributor, developing and reviewing code across Java, Spring Boot, Angular, and Microservices architectures.
- Establish engineering standards that promote high-quality, secure, and maintainable software.
- Guide architecture decisions, system integrations, and application modernization initiatives.
- Collaborate with stakeholders to translate business requirements into scalable technical solutions.
- Mentor and coach development teams on secure coding, software design, and engineering best practices.
- Drive continuous improvement in application quality, performance, reliability, and security.
Requirements
- Bachelor's degree in Computer Science, Information Technology, or related field (or equivalent experience).
- 5+ years of Application Security experience, including vulnerability assessment and remediation.
- 7+ years of Software Development experience with Java and Angular/AngularJS technologies.
- 3+ years of Technical Leadership or Lead Engineering experience.
- Strong expertise in Java, Spring Boot, Spring Security, REST APIs, Microservices, JavaScript, TypeScript, Angular, HTML/CSS, SQL, Git, Maven, JUnit, and Mockito.
- Hands-on experience with application security tools and methodologies, including SAST, DAST, and SCA.
- Deep understanding of OWASP Top 10, secure SDLC practices, and API security.
- Experience securing applications using OAuth2, JWT, and modern authentication frameworks.
- Strong communication, problem-solving, and stakeholder management skills., * Experience with GitHub Copilot, AI-assisted security tools, AWS, GCP, Rancher, Jira, Drupal, Burp Suite, Checkmarx, or Fortify.
- Security certifications such as CSSLP, GWAPT, CEH, or equivalent.
- Experience in Agile development environments and enterprise-scale application delivery.
Benefits & conditions
$180,000 - $200,000 a year - Permanent, Full-time, Pulled from the full job description
- 401(k)
- Health insurance
- 401(k) matching
- Vision insurance
- Dental insurance
- Life insurance
- Employee assistance program, * 401(k)
- 401(k) matching
- Dental insurance
- Employee assistance program
- Health insurance
- Life insurance
- Vision insurance