AI Application Security Engineer /Threat Modeling AI Security

Application Security Engineer Threat Modeling & AI Security
Location: Charlotte, NC, Chandler, AZ, or Irving, TX (Las Colinas)
Work Schedule: Hybrid 3days onsite / 2days remote
Payrate: $80-95/hr
Interview Process: 2 rounds of onsite interviews (approximately 1 hour each)
Contract Duration: Opportunity for extension and/or conversion

Position Overview

• We are seeking an experienced Application Security Engineer with strong expertise in Threat Modeling, Secure Architecture Reviews, and AI/LLM Security. This role will focus on conducting and automating application threat modeling processes, partnering with engineering teams to identify security risks early in the software development lifecycle, and implementing scalable security solutions for modern cloud-native and AI-enabled applications.


• The ideal candidate will have a strong software engineering foundation, hands-on application security experience, and the ability to decompose complex application architectures to identify threats, security gaps, and remediation strategies.

Required Qualifications

• 7+ years of Application Security Engineering experience.


• 2+ years of hands-on Threat Modeling experience.


• Experience conducting application architecture reviews and decomposing complex systems into components, trust boundaries, and data flows.


• Experience developing and implementing automated threat modeling solutions.


• Experience building and securing AI/LLM-based applications in enterprise production environments.


• Strong understanding of secure application design and architecture principles.


• Experience identifying and mitigating common application security vulnerabilities, including OWASP Top 10 risks.


• Experience working with cloud-native applications and distributed systems.


• Strong verbal and written communication skills with the ability to influence technical and non-technical stakeholders.

Key Responsibilities

• Conduct application threat modeling and architecture risk assessments.


• Analyze application designs, data flows, and trust boundaries to identify security risks.


• Develop and implement automated threat modeling capabilities and scalable security solutions.


• Partner with engineering teams to embed security throughout the software development lifecycle.


• Provide guidance on secure design, secure coding practices, and remediation strategies.


• Evaluate and secure AI/LLM-based applications and services.


• Support the implementation of application security controls across cloud-native environments.


• Collaborate with stakeholders to establish security standards, patterns, and reference architectures.


• Drive security improvements through automation, tooling, and developer enablement initiatives.

Desired Qualifications

• Expertise in secure coding practices and code-level vulnerability analysis.


• Experience with threat modeling methodologies such as STRIDE, PASTA, or attack trees.


• Strong understanding of authentication, authorization, session management, API security, and secrets management.


• Experience securing applications developed in Java, .NET, Python, JavaScript/TypeScript, Node.js, Go, or similar technologies.


• Experience integrating security controls into CI/CD pipelines and developer workflows.


• Hands-on experience with SAST, SCA, DAST, IaC scanning, container security, API security testing, software supply chain security, and runtime protection technologies.


• Experience securing AI-enabled applications and advising development teams on AI/LLM security best practices.


• Experience designing security controls for AWS, Azure or any Cloud environments.


• Knowledge of software supply chain security, SBOMs, dependency risk management, artifact integrity, and package governance.


• Familiarity with Zero Trust architectures, policy-as-code, and secure platform engineering practices.


• Previous experience serving as a Security Champion, Application Security Lead, or embedded security engineer within development teams.


• Relevant certifications such as CSSLP, CISSP, CCSP, GIAC GWEB, or GIAC GWAPT.

The Company offers the following benefits for this position, subject to applicable eligibility requirements: medical insurance, dental insurance, vision insurance, 401(k) retirement plan, life insurance, long-term disability insurance, short-term disability insurance, paid parking/public transportation, paid time off, paid sick and safe time, hours of paid vacation time, weeks of paid parental leave, and paid holidays annually as applicable.