Role: Cloud Application Security Consultant Location: fully remote Duration: 6+ Months
35 hours per week
W2 role
Description:
3+ years of offense and defense application security experience with demonstrated hands-on expertise in SAST and SCA tools such as Checkmarx and Synk, including findings triage, ruleset tuning, and managing vulnerability lifecycle across enterprise environments
Strong understanding of OWASP Top Ten and broader web and API vulnerabilities, including practical remediation techniques within enterprise environments
Knowledge of web and mobile application development and deployment methodologies
Hands-on experience securing AWS cloud environments, including Lambda, API Gateway, IAM, and S3, with experience operating cloud-native security platforms such as Orca Security, Wiz, or Prisma Cloud to surface and remediate risk across workloads and infrastructure
Ability to read and reason about code in languages such as Node.js, JavaScript, Java, or Python. Ability to sufficiently perform meaningful secure code review, validate SAST/SCA findings, and collaborate credibly with engineering teams on remediation
Experience working with change management and release governance processes within production environments
Strong project management and communication skills with the ability to represent cybersecurity requirements across technical and business stakeholders
Solid understanding of agile methodologies, DevSecOps practices, and CI/CD pipeline integration
Familiarity with security threat intelligence sources and how they inform application-layer defenses
Experience partnering with development teams to drive security remediation by running working sessions, building runbooks, and supporting secure coding adoption through a developer-first engagement model.
Never miss an opportunity! Create an alert based on the job you applied for.
