Application Security Engineer

• We are seeking an experienced Application Security Engineer to join our Application Security Engineering team.


• Not a person in operations or governance side of the business.


• This role will lead and enhance our Software Composition Analysis (SCA) practice, partnering with development teams to strengthen secure coding practices, optimize security tooling, and improve the developer experience.


• You will play a key role in securing open-source software usage, maturing DevSecOps practices, and driving automation across the secure software development lifecycle.

Key Responsibilities

• Lead and enhance the Software Composition Analysis (SCA) program


• Manage and optimize security tools (e.g., Checkmarx One, BlackDuck)


• Partner with DevOps and engineering teams to remediate vulnerabilities


• Conduct secure code reviews, especially for third-party libraries


• Strengthen open-source security and software supply chain controls


• Support SAST, SEA, and container security initiatives


• Design and automate vulnerability management workflows


• Collaborate with risk, governance, and compliance teams for audits


• Improve CI/CD security integrations and developer enablement

Required Qualifications

• 5+ years of Information Security Engineering experience


• 5+ years in Application Security / DevSecOps


• 3+ years of hands-on experience in one or more languages (.NET, C#, Java, Rust, C++)


• Experience writing automation scripts in Python and/or PowerShell


• Strong experience with CI/CD tools (GitHub, Jenkins, Maven, Artifactory, Harness, Xray)


• Deep understanding of Secure SDLC


• Strong knowledge of OWASP Top 10 and/or CWE


• Experience with container security (Kubernetes, OpenShift)


• Experience with Jira and Confluence


• Industry certifications preferred (CISSP, CISM, CEH, etc.)

Preferred Qualifications:

• Experience leveraging AI tools for false-positive reduction and automated code remediation


• Familiarity with open-source threat intelligence platforms

What Success Looks Like

• Mature and scalable SCA practice


• Reduced open-source risk exposure


• Improved vulnerability detection and remediation efficiency


• Enhanced developer experience through automation and AI

Benefits:

• The Company offers the following benefits for this position, subject to applicable eligibility requirements: medical insurance, dental insurance, vision insurance, 401(k) retirement plan, life insurance, long-term disability insurance, short-term disability insurance, paid parking/public transportation, (paid time, paid sick and safe time, hours of paid vacation time, weeks of paid parental leave, paid holidays annually - AS Applicable)