Application Security Engineer

Major Job Roles:

Advisory and Guidance:

• Drive the adoption and integration of application security tools and practices across development streams

• Establish andmaintainprocesses foridentifying triaging and remediating vulnerabilities using automated security tooling

• Ensure security tooling is effectively embedded within CI/CD workflows to support scalable and consistent security coverage

• Advise on the integration and operationalization of application security tooling and practices ensuring development teams are equipped to implement andmaintainsecure solutions

• Support teams in developing structured processes for managing alerts and remediation

• Evaluate and recommend improvements to existing security tooling and practices based on evolving needs and threat landscape

Collaboration & Mentorship:

• Act as a liaison between security and development teams to translate security requirements into actionable work items

• Enable development teams to adopt secure development practices through coaching resources and ongoing support

• Provide mentorship and technical guidance & training on secure coding threat modeling and vulnerability management

• Collaborate with each development group toestablishcoding standardsvulnerabilityand obsolescence management

• Work with development leads to ensure scorecard compliance and continuous improvement

• PromoteDevSecOpsprinciples by advising on security automation and fostering shared responsibility

Education and Stakeholder Engagement:

• Create andmaintaindocumentation for security processes tools and standards

• Design and deliver targeted training and enablement programs tailored to development team needs and maturity levels

• Promote awareness of emerging security threats and mitigation strategies

• Engage stakeholders to align security initiatives with business goals

Liaison & Communication:

• Monitor and report on the effectiveness of security controls and posture across public-facing applications

• Communicate security risks tool performance and compliance status to leadership and stakeholders

• Coordinate with cross-functional teams to ensure alignment on governance and ownership of security tools and processes

• Define governance models for ownership lifecycle management and compliance of security tooling

Mandatory (Must-Have) Skills Required:

• Strong knowledge of application security principles and secure SDLC.

• Hands-on experience with security tools (e.g. GitHub Advanced SecuritySonarCloud SAST/SCA).

• Familiarity with OWASP Top 10 andDevSecOpspractices.

• Proficiencywith CI/CD pipelines and security automation.

• Excellent communication and collaboration skills.

• (Preferred certifications: CISSP CEH OSCP.)

Soft Skills:

• Excellent communication and collaboration skills

• Ability to translate technical security concepts into business-relevant language

• Proventrack recordof working with cross-functional teams to drive security initiatives