Information Security Engineer

Location: Iselin, NJ
Salary: $76.00 USD Hourly - $82.00 USD Hourly
Description:
Job Title: Senior Application Security Engineer (Contingent Worker)
Location: Remote (Iselin, NJ - Consultants not permitted onsite)
Job Type: Contract / Contingent Resource
About the Role

We are seeking a highly skilled and experienced Senior Application Security Engineer to join our Information Security Engineering team. In this role, you will consult on complex, large-scale security initiatives, drive strategic planning, and contribute to the design and implementation of secure development practices across the organization. You will collaborate with cross-functional teams to enhance security automation, manage vulnerability workflows, and support compliance efforts.
Key Responsibilities

• Manage and maintain security automation tools, with a focus on Software Composition Analysis (SCA) tools such as Checkmarx One and BlackDuck.
• Collaborate with internal teams (e.g., ServiceNow AVR, DevOps, Vulnerability Operations) to ensure SCA vulnerabilities are identified, tracked, and remediated in alignment with security policies.
• Partner with security architecture teams to design and optimize vulnerability management workflows and developer experience.
• Deliver security training and outreach to internal development teams.
• Conduct adversarial security analysis and recommend tools and best practices to meet evolving application security requirements.
• Support audits (e.g., SOC 2, PCI-DSS) in collaboration with governance, risk, and compliance teams.
• Work with CTO pipeline teams to enhance code quality, open-source security, code signing, and SBOM (Software Bill of Materials) generation.
• Analyze and support container security platforms and tools.
• Design and implement advanced security solutions to secure open-source software supply chains.

Minimum Qualifications

• 5+ years of experience in Information Security Engineering or equivalent experience through work, consulting, military service, or education.

Preferred Qualifications

• 7+ years of experience in Application Security and DevSecOps, with a strong track record of collaborating with developers to implement secure development practices.
• Proficiency in one or more programming languages such as .NET C#, Java, Rust, or C++.
• Experience scripting in Python or PowerShell for automation.
• Hands-on experience with CI/CD tools and technologies (e.g., GitHub, Jenkins, Maven, Artifactory, Harness, Xray).
• Deep understanding of the Secure Software Development Lifecycle (SSDLC).
• Strong knowledge of OWASP Top 10 and CWE.
• Experience documenting SCA procedures and tool configurations.
• Familiarity with AI tools for false positive reduction, auto-remediation, and open-source threat intelligence.
• Proficiency with Jira and Confluence.
• Strong analytical and problem-solving skills.
• Relevant certifications such as CISSP, CISM, or CEH.
• Experience with container security technologies (e.g., Kubernetes, OpenShift).
• Experience generating SBOMs using CycloneDX or SPDX and working with dependency tracking tools.

By providing your phone number, you consent to: (1) receive automated text messages and calls from the Judge Group, Inc. and its affiliates (collectively "Judge") to such phone number regarding job opportunities, your job application, and for other related purposes. Message & data rates apply and message frequency may vary. Consistent with Judge's Privacy Policy, information obtained from your consent will not be shared with third parties for marketing/promotional purposes. Reply STOP to opt out of receiving telephone calls and text messages from Judge and HELP for help.

Contact:

This job and many more are available through The Judge Group. Please apply with us today!