Application Security Engineer (ASE) Vulnerability Operations

Charlotte, NC, US • Posted 11 hours ago • Updated 11 hours ago
Full Time
On-site
$140,000 - $160,000/yr
Company Branding Image
Fitment

Dice Job Match Score™

⭐ Evaluating experience...

Job Details

Skills

  • API
  • Amazon Web Services
  • Analytics
  • Artificial Intelligence
  • CISSP
  • Cloud Computing
  • Communication
  • Computer Science
  • Continuous Delivery
  • Continuous Improvement
  • Continuous Integration
  • Cyber Security
  • Dashboard
  • Design Patterns
  • Design Review
  • Good Clinical Practice
  • Google Cloud Platform
  • Grafana
  • KPI
  • Machine Learning (ML)
  • Management
  • Mentorship
  • Microservices
  • Microsoft Azure
  • Microsoft Power BI
  • Migration
  • OSCP
  • OWASP
  • Onboarding
  • Oracle Policy Automation
  • Presentations
  • Regulatory Compliance
  • Reporting
  • SCA
  • Security Architecture
  • Security Controls
  • Software Security
  • Stakeholder Engagement
  • Strategic Leadership
  • Supply Chain Management
  • Threat Modeling
  • Tier 1
  • Tier 3
  • Training
  • Vulnerability Management
  • Workflow

Summary

Hi,

Senior Application Security Engineer Vulnerability Operations

Role Summary:

The Senior Application Security Engineer serves as a technical and operational leader within the Vulnerability Operations function. This role drives large-scale adoption of application security controls, partnering closely with engineering teams and the Application Security Champion community to ensure secure design, development, and deployment across the enterprise. You will lead strategic control rollouts, guide vulnerability governance, address emerging threat classes, and provide expert escalation support for the most complex AppSec issues.

Key Responsibilities:

Strategic Leadership & Program Enablement

Lead the enterprise-wide operationalization of AppSec controls, ensuring scalable integration across CI/CD pipelines and diverse engineering environments.

Partner with the Application Security Champion team to embed secure development practices, coordinate training, share emerging vulnerability insights, and drive decentralized security ownership.

Own the tiered security control strategy (Tier 1 3), defining quarterly migration targets and ensuring cross-portfolio alignment.

Advanced Vulnerability & Threat Management

Act as subject-matter expert for advanced and emerging vulnerability classes (e.g., supply chain risks, AI/ML application threats, container/Serverless misconfigurations, emerging OWASP categories).

Lead complex vulnerability triage and remediation efforts; facilitate cross-team deep-dive sessions to drive prioritization and timely mitigation.

Conduct proactive threat modeling and security design reviews for high-risk or business-critical applications.

Automation & CI/CD Security Architecture

Architect scalable CI/CD integrations for SAST, DAST, SCA, and secrets scanning using policy-as-code, automated gating, and risk-based controls.

Implement and optimize Tier 3 merge-prevention and build-failure gates, ensuring engineering teams meet strict compliance requirements.

Develop reusable automation frameworks, scanning templates, and pipeline modules to accelerate secure software delivery.

Governance, Reporting & Stakeholder Engagement

Design and maintain KPIs, scorecards, and compliance dashboards using analytics platforms (Power BI, Grafana, or equivalent).

Lead risk review forums, document mitigations, publish weekly risk register updates, and deliver executive-level insights on trends, gaps, and emerging threats.

Oversee quarterly migration planning, dependency tracking, and cross-team alignment on AppSec program objectives.

Mentor AppSec Specialists and upskill partner engineering teams on tools, governance workflows, and emerging security techniques.

Emerging Vulnerabilities & Continuous Improvement

Stay current with modern vulnerability trends (e.g., supply chain risks, API threats, cloud-native issues).

Evaluate tool outputs, identify false positives, and provide actionable remediation guidance.

Recommend improvements to scanning processes, workflows, and onboarding procedures.

Required Qualifications & Skills:

Bachelor s or Master s in Computer Science, Cybersecurity, or related field.

7+ years of experience in Application Security engineering, vulnerability management, or secure development.

Expertise in advanced AppSec concepts: secure design patterns, threat modeling, exploit analysis, and remediation strategy for modern architectures (microservices, APIs, cloud-native).

Proven experience leading CI/CD-integrated security automation (SAST, DAST, SCA, secrets scanning, IaC scanning).

Strong track record of working with engineering organizations and AppSec Champions to drive program adoption.

Demonstrated ability to interpret complex vulnerability trends, emerging threats, and zero-day risk scenarios.

Excellent communication, executive presentation skills, and ability to influence senior technical leaders.

Preferred Qualifications:

Hands-on experience with cloud-native security tooling across AWS, Azure, or Google Cloud Platform.

Certifications: CISSP, CSSLP, OSWE, OSCP, GWAPT, or equivalent industry credentials.

Familiarity with policy and governance tools (OPA/Gatekeeper), software supply chain frameworks (SLSA, SBOM), and Infrastructure-as-Code security.

Experience designing or contributing to AppSec Champion programs or federated security enablement models.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 10411276
  • Position Id: 9029126
  • Posted 11 hours ago

Company Info

About K-Tek Resourcing LLC

Vision

To be a trusted partner and advisor to our customers

Mission

At K-Tek we believe in understanding the specific needs of the customer and tailor-creating innovative solutions to meet these needs. We invest in our employees and customers. We build a relation of trust with our customers through empathy, solutions and being the first time right.

Who We Are & What We Do

K-Tek Resourcing is a consulting organization with offices in Houston TX and St. Paul, MN. It is supported by 2 global delivery centers, located in India. With its global employee strength of over 250, K-Tek has been supporting its clients for over 9 years. We have been consistently achieving a growth of 30% Year on Year. We have an extensive experience of working in domains including BFSI, Retail, Healthcare and Pharma, Oil & Gas, Travel & Hospitality and Insurance. The technologies we service are IT Infrastructure, Mobile Technologies, Cloud & Big Data Solutions. We understand the needs of our customers and provide them with customized solutions and resources with the tenet of being the "First Time Right".

Values

-Commitment to our customers success through Integrity

-Excellence through Quality

-Growth through customer value creation

About_Company_One
Contact the job poster
AS

Avantika Sharma

Recruiter @ K-Tek Resourcing LLC
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Remote or Hybrid in Mount Laurel Township, New Jersey

Today

Easy Apply

Contract

55 - 58

New York, New York

7d ago

Easy Apply

Contract

Depends on Experience

Search all similar jobs