Role: Application Security Engineer
Location: Houston, TX (Onsite)
Duration: 12+ Months
Key Responsibilities
Implement, manage, and optimize SAST and DAST tools across application environments
Integrate security testing into CI/CD pipelines (DevSecOps practices)
Perform code reviews and vulnerability assessments
Identify, triage, and remediate application vulnerabilities (OWASP Top 10)
Partner with development teams to embed secure coding practices
Support threat modeling and security design reviews
Monitor and report on application security posture and risk trends
Assist in security incident response related to application vulnerabilities
Required Skills & Experience
Strong experience with:
o SAST tools (e.g., Checkmarx, Veracode, Fortify, SonarQube)
o DAST tools (e.g., Burp Suite, OWASP ZAP)
Solid understanding of:
o OWASP Top 10 / secure coding practices
o Web application architecture (APIs, microservices)
Experience integrating security into:
o CI/CD pipelines (Azure DevOps, GitHub, Jenkins, etc.)
Familiarity with:
o Container security (Docker, Kubernetes)
o Open-source scanning (SCA tools)
Programming/scripting knowledge (Java, Python, .NET, or similar)
Experience working with developers in an agile environment
Nice to Have
Cloud security exposure (Azure preferred)
Experience with IaC security scanning
Certifications (e.g., CSSLP, GWAPT, Security+)