Sr. Application Security Testing Engineer
Role details
Job location
Tech stack
Job description
As a Sr. Application Security Testing Engineer, you will serve as a technical expert responsible for identifying, validating, and reducing application security risk across 3M's application ecosystem. You will work directly with application and development teams to embed security into design and delivery processes while strengthening enterprise application security capabilities., Management
- Act as a subject matter expert supporting application security testing program execution.
- Contribute to application security standards and playbooks.
- Support planning and prioritization of application security testing activities.
Technical
- Perform application security testing including SAST, DAST, SCA, and manual validation.
- Conduct threat modeling and secure design reviews for new and existing applications.
- Validate findings and work with developers to drive effective remediation.
- Integrate security tooling into CI/CD pipelines using platforms such as GitHub and Azure DevOps.
Organizational
- Partner with application, development, platform, and cloud teams to embed secure coding practices.
- Provide clear technical documentation and risk summaries for stakeholders.
- Support audits, penetration testing coordination, and compliance evidence collection.
- Contribute to security awareness and secure development training initiatives., All US-based 3M full time employees will need to sign an employee agreement as a condition of employment with 3M. This agreement lays out key terms on using 3M Confidential Information and Trade Secrets. It also has provisions discussing conflicts of interest and how inventions are assigned. Employees that are Job Grade 7 or equivalent and above may also have obligations to not compete against 3M or solicit its employees or customers, both during their employment, and for a period after they leave 3M.
Learn more about 3M's creative solutions to the world's problems at www.3M.com or on Instagram, Facebook, and LinkedIn @3M.
Responsibilities of this position include that corporate policies, procedures and security standards are complied with while performing assigned duties.
Safety is a core value at 3M. All employees are expected to contribute to a strong Environmental Health and Safety (EHS) culture by following safety policies, identifying hazards, and engaging in continuous improvement.
Requirements
- Bachelor's degree in Cybersecurity, Computer Science, or technology field (completed and verified prior to start)
- Three (3) years of experience in application security or secure software development in a private, public, government or military environment
Additional qualifications that could help you succeed even further in this role include:
- Experience using common SAST and DAST tools, as well as performing source code analysis to identify and assess application security vulnerabilities
- Certifications such as GWAPT, OSCP, or CSSLP are a plus, * Strong hands-on experience in application security testing and validation
- Knowledge of OWASP Top 10, secure coding patterns, and threat modeling
- Experience with modern development stacks and CI/CD pipelines
- Strong analytical, communication, and documentation skills
- Ability to collaborate effectively across application, development, engineering and security teams
Benefits & conditions
Applicable to US Applicants Only:The expected compensation range for this position is $164,612 - $201,193, which includes base pay plus variable incentive pay, if eligible. This range represents a good faith estimate for this position. The specific compensation offered to a candidate may vary based on factors including, but not limited to, the candidate's relevant knowledge, training, skills, work location, and/or experience. In addition, this position may be eligible for a range of benefits (e.g., Medical, Dental & Vision, Health Savings Accounts, Health Care & Dependent Care Flexible Spending Accounts, Disability Benefits, Life Insurance, Voluntary Benefits, Paid Absences and Retirement Benefits, etc.). Additional information is available at: https://www.3m.com/3M/en_US/careers-us/working-at-3m/benefits/.