Application Security Engineer
Application Security Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Who we are
Were a leading global security authority thats disrupting our own category. Our encryption is trusted by the major ecommerce brands the worlds largest companies the major cloud providers entire country financial systems entire internets of things and even down to the little things like surgically embedded pacemakers. We help companies put trust - an abstract idea - to work. Thats digital trust for the real world.
Job summary
As an Application Security Engineer within our cybersecurity team you will help safeguard the companys web applications and services by supporting the integration of security practices into the Software Development Life Cycle (SDLC). You will collaborate with development DevOps and security teams to identify assess and remediate vulnerabilities contribute to secure coding practices and assist in implementing DevSecOps tooling and processes. This role is ideal for someone with a strong technical foundation who is eager to grow within the product/application security space.
What you will do
- Support the integration of security controls and best practices across various phases of the SDLC.
- Assist in security assessments including static and dynamic code analysis open-source dependency analysis and limited penetration testing.
- Participate in manual and automated code reviews to identify potential vulnerabilities and coding flaws.
- Collaborate with software engineers to promote secure development practices including the use of security testing tools in CI/CD pipelines.
- Contribute to the evaluation deployment and tuning of DevSecOps tools such as SAST DAST and SCA platforms.
- Help maintain secure deployment workflows and support security automation efforts.
- Participate in cross-functional security reviews of new features and systems with guidance from senior engineers.
- Stay up to date on current security threats vulnerabilities and best practices in application security.
- Assist with triaging vulnerabilities from internal scans bug bounty submissions or external assessments.
- Document processes and playbooks to support consistent and scalable security practices.
- Provide input to the development of internal security standards and reference architectures.
- Support remediation efforts in collaboration with engineering teams.
- Participate in promoting a security-first culture across the organization.
- Other duties and responsibilities as assigned.
What you will have
- Bachelors degree in computer science cybersecurity or a related technical field.
- 2 years of experience in cybersecurity software engineering or DevOps with at least 1 years focused on application or product security.
- Experience with programming/scripting languages such as Python JavaScript or Java
- Familiarity with DevSecOps tools (SAST DAST SCA) and secure SDLC methodologies.
- Solid understanding of common web application vulnerabilities (e.g. OWASP Top 10 CWE) and remediation strategies.
- Ability to analyze code and spot security issues with guidance.
- Strong communication and collaboration skills.
- Strong attention to detail and willingness to learn new technologies.
Nice to have
- Hands-on experience with CI/CD pipelines (e.g. GitHub Actions GitLab CI Jenkins).
- Familiarity with security standards and frameworks such as NIST OWASP SAMM ISO 27001 or PCI DSS.
- Experience working in a regulated environment (e.g. financial services healthcare or government).
- Professional certifications such as Security CEH eJPT or equivalent (OSCP or similar preferred but not required).
- Exposure to cloud platforms such as AWS Azure or GCP.
- Experience contributing to or managing a bug bounty triage process.
Benefits
- Generous time off policies
- Top shelf benefits
- Education wellness and lifestyle support
#LI-SD1
Employment Type
Full Time
