HonorVet Technologies. We're a veteran-owned IT staffing firm, ISO 9001 and ISO 27001 certified, working with federal agencies, state governments, and Fortune 500 enterprise clients across the US. What makes us different isn't a tagline; it's the way we work. We don't forward resumes and hope for the best. We take the time to understand where a professional like you is headed and only reach out when we genuinely believe there's a fit worth exploring.
Title: Application Security AI Engineer
Location: Remote
Duration: 12 Months (Potential Extension)
Employment Type: Contract
Position Summary
We are seeking an experienced Application Security AI Engineer to join a dynamic Application Security team. This role focuses on securing enterprise applications by managing application security vulnerabilities, supporting software supply chain security initiatives, and implementing AI-powered security solutions to improve vulnerability detection, analysis, and remediation.
The ideal candidate will have strong hands-on experience with application security testing, vulnerability management, secure software development practices, and emerging AI-driven security technologies.
Key Responsibilities
- Perform application security triage across Software Composition Analysis (SCA), Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST) findings.
- Validate and prioritize critical and high-risk vulnerabilities through exploitability analysis, false-positive verification, risk assessment, and remediation guidance.
- Investigate and coordinate responses for critical security events, threat intelligence alerts, and emergency patching activities, ensuring timely mitigation and resolution.
- Monitor newly disclosed vulnerabilities and emerging security threats, providing actionable recommendations to development and security teams.
- Design, evaluate, and implement AI-assisted application security solutions that improve vulnerability detection, code analysis, remediation recommendations, and security workflow automation while maintaining appropriate human oversight.
- Support the evaluation, testing, and secure adoption of AI-based security tools by conducting proof-of-concept assessments, validating security controls, reviewing data handling practices, and documenting governance requirements.
- Enhance software supply chain security by securing open-source dependencies, managing Software Bill of Materials (SBOM), identifying malicious packages, evaluating dependency health, and enforcing security policies across development pipelines.
- Improve the security of developer environments by assessing IDEs, plugins, extensions, package managers, code-assist tools, and CI/CD integrations for potential security risks and misconfigurations.
- Develop automation using scripting, APIs, and security platform integrations to streamline application security operations and vulnerability management processes.
- Collaborate closely with development, DevSecOps, and security teams to communicate security risks, recommend remediation strategies, and support secure software development practices.
Required Qualifications
- Minimum 3+ years of experience with Code Scanning.
- Minimum 3+ years of experience with Software Composition Analysis (Open Source Scanning).
- Minimum 3+ years of experience with Static (SAST) and Dynamic (DAST) Application Security Testing.
- Strong experience triaging application security findings and managing high-severity vulnerabilities through remediation and closure.
- Hands-on experience with scripting, automation, APIs, CI/CD pipelines, developer tools, or security platform integrations.
- Practical experience working with AI-enabled security tools, large language models (LLMs), coding assistants, AI governance, model evaluation, or AI-assisted security workflows.
- Solid understanding of software supply chain security, including open-source dependency management, SBOM, package security, and developer tooling protection.
- Experience securing developer environments, including IDEs, plugins, package managers, CI/CD platforms, and code repositories.
- Strong analytical, troubleshooting, and problem-solving skills.
- Excellent communication skills with the ability to explain technical security findings and remediation recommendations to both technical and non-technical stakeholders.
Required Skills
- Application Security
- Software Composition Analysis (SCA)
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Code Scanning
- Open Source Security
- Vulnerability Management
- Threat Intelligence
- Software Supply Chain Security
- Secure SDLC
- AI Security Tools
- Large Language Models (LLMs)
- APIs & Automation
- CI/CD Security
- Developer Tooling Security
- Scripting (Python, PowerShell, Bash, or similar)
Preferred Qualifications
- Experience implementing AI-powered security solutions or security automation.
- Knowledge of secure software development lifecycle (SSDLC) practices.
- Familiarity with cloud application security and DevSecOps methodologies.
- Experience working with enterprise vulnerability management platforms and modern application security tools.