Position Title: Application Security Consultant
Location: Fully Remote
Duration: 3-month contract through August 2026
Schedule: Approximately 35 hours/week
2 Openings:
- 1 Hybrid role in Parsippany, NJ
- 1 Fully Remote role
Overview
Client is seeking an experienced Application Security Consultant to support and enhance its enterprise application security program. This role will focus on securing web, mobile, and cloud-native applications by integrating security throughout the software development lifecycle.
The ideal candidate will collaborate closely with engineering, cloud, DevOps, and business teams to ensure security is embedded into application design, development, deployment, and production operations while balancing business functionality and delivery timelines.
This is a highly collaborative, cross-functional role with direct impact on the organization’s enterprise security posture.
Key Responsibilities
Application Security Architecture & Engineering
- Lead secure design and implementation efforts across web, mobile, and AWS cloud-native environments
- Conduct application security architecture reviews and threat assessments
- Integrate security controls into CI/CD pipelines and DevSecOps workflows
- Support security initiatives involving AWS services including Lambda, API Gateway, IAM, and S3
Vulnerability Management & Code Security
- Administer, configure, and optimize SAST/SCA tools such as Checkmarx and Snyk
- Perform vulnerability triage, prioritization, and remediation guidance
- Validate remediation efforts and ensure secure release readiness
- Ensure alignment with OWASP Top Ten and secure coding best practices
Application Protection & Monitoring
- Manage and enhance application-layer security controls
- Tune policies and improve detection capabilities while minimizing performance impact
- Support application protection technologies including WAF and related controls
Release & Production Security
- Partner with change management and release teams to support secure production deployments
- Participate in go-live planning and production readiness activities
- Ensure security stability and resilience during deployment cycles
Security Advisory & Stakeholder Engagement
- Serve as a trusted security advisor for engineering and business teams
- Participate in project planning, architecture discussions, and technical reviews
- Provide practical, risk-based security recommendations
Reporting & Program Support
- Track vulnerabilities and remediation metrics
- Support enterprise application security maturity initiatives
- Contribute to documentation, operational runbooks, and reporting activities
Additional Responsibilities
- Support automation of security testing and operational processes
- Assist with penetration testing coordination and secure code review activities
- Contribute to developer education and secure coding initiatives
- Participate in security working sessions and cross-functional collaboration efforts
Required Qualifications
- 3+ years of hands-on Application Security experience
- Strong experience with SAST/SCA tools including:
- Deep understanding of:
  - OWASP Top Ten
  - Web application vulnerabilities
  - API security risks
- Experience securing AWS environments including:
  - AWS Lambda
  - API Gateway
  - IAM
  - S3
- Experience integrating security into CI/CD and DevSecOps pipelines
- Ability to review and analyze code in:
  - JavaScript
  - Node.js
  - Java
  - Python
- Understanding of change management and release management processes
- Experience working within Agile environments
- Strong communication and stakeholder engagement skills
Preferred Qualifications
- Experience with cloud security platforms such as:
- Experience with application-layer protection technologies:
- Exposure to threat intelligence within Application Security programs
- Experience conducting developer enablement or security training sessions
Technical Environment
- AWS Cloud
- DevSecOps / CI-CD Pipelines
- Checkmarx
- Snyk
- Cloud Security Platforms
- Web & Mobile Applications
- Agile Delivery Environment