Cybersecurity Engineer III

Overview

On Site
Contract - Independent
Contract - W2
Contract - longterm

Skills

cybersecurity

Job Details

Remote (must support Central Time Zone)
6-month contract

Visa :

Looking for someone from the financial banking domain.



Our client is seeking a hands-on Application Security Engineer to join our security engineering team. This person will work closely with development teams to secure applications throughout the software development lifecycle. The focus will be on GitHub Advanced Security and other code scanning solutions, identifying and remediating vulnerabilities, and helping developers prove out false positives.

The ideal candidate is a former developer who transitioned into security, with strong technical expertise in application security tooling, vulnerability analysis, and remediation. Experience with integrating AI models into applications and testing security guardrails in chatbots or other AI-powered features is a strong plus.

Primary Responsibilities

  • Integrate application security tools (e.g., GitHub Advanced Security, Black Duck, Kuberty, SAST/DAST/IAST tools) into development workflows.
  • Review vulnerabilities, secrets, and findings identified in repos, validate results, and separate true issues from false positives.
  • Work directly with developers to explain vulnerabilities, provide remediation guidance, and ensure fixes are implemented.
  • Perform validation and proofing of disputed vulnerabilities ("trust but verify").
  • Apply offensive security techniques and, when necessary, leverage tools such as Burp Suite or Kali Linux to test and verify vulnerabilities.
  • Support integration of AI/ML features, ensuring proper guardrails and secure implementation of chatbot functionality.
  • Act as a subject matter expert (SME) in Application Security.

Required Skills

  • 6+ years of experience in application security, software development, or related technical roles.
  • Strong experience with GitHub Advanced Security and code scanning tools.
  • Familiarity with SAST, DAST, IAST, and software composition analysis tools (e.g., Black Duck).
  • Background in software development (e.g., experience coding in at least one modern programming language).
  • Ability to perform hands-on vulnerability validation and proofing.
  • Knowledge of offensive security testing (Burp Suite, Kali Linux, etc.).
  • Strong collaboration skills, able to partner with developers and guide secure coding practices.

Bonus Skills

  • Experience securing AI/ML-powered applications, including chatbot guardrail testing.
  • Experience with container/Kubernetes security.
  • Technical security certifications such as OSCP, GCIH, or other SANS technical certs.