Application Security Engineer

This is a fully remote position, open to applicants in United States.

📋 Description

• Execute client SAST, DAST, and SCA tools, analyze results, and offer recommendations;

• Integrate tools into pipelines, ticketing systems, and other environments;

• Work in partnership with developers to deliver secure design recommendations and remediation plans;

• Knowledgeable in CI/CD systems (such as GitHub) and the integration of software security tools into the development process;

• Solid grasp of web application security principles and industry best practices;

• Oversee, maintain, and operate application security tools, including their configuration, tuning, and automation.

⛳️ Requirements

• Bachelor’s degree in Computer Science, Information Systems, or Information Security, along with 4 years of progressive experience as a security engineer, security analyst, or in a similar role focusing on Application Security.

• A minimum of 2 years’ experience with each of the following:

• Integrated Development Environment (IDE) and Continuous Integration/Continuous Delivery (CI/CD) pipeline tools and methodologies (e.g., Azure DevOps, Jenkins, Bamboo, etc.);

• Secure Development Lifecycles and experience addressing technical vulnerabilities flagged by web application scanning tools;

• Information Systems architecture, security control design, and development expertise;

• Proficiency in manual testing tools like Burp Suite Pro; Familiarity with and experience using SAST/DAST/SCA Application Security tools (such as Invicti (DAST) or Checkmarx (SAST/SCA);

• Experience integrating tools into development pipelines;

• Knowledge of and experience in understanding and mitigating Application Security vulnerabilities;

• Experience reviewing source code in languages including JavaScript, Python, Java, C++, PHP, or C#.

🏝️ Benefits

• Primarily remote workforce (U.S. based only; some travel may be necessary for certain roles, on-site work may be required for Federal positions).

• Group Medical Insurance options: Zero Deductible PPO Plan (GuidePoint covers 90% of the employee premium and 70% for family plans (spouse/children/family) or High Deductible Health Plan with HSA (GuidePoint covers 100% of employee premiums and 75% for family plans (spouse/children/family). For those opting for the High Deductible / HSA plan, GPS will contribute in 4 equal quarterly installments: ($850 per employee annually / $1750 per family annually (including spouse/children/family options).

• Group Dental Insurance: GuidePoint pays 100% of the employee premium and 75% of family plans.

• 12 corporate holidays and a Flexible Time Off (FTO) program.

• Healthy mobile phone and home internet allowance.

• Eligibility for retirement plan after 2 months at open enrollment.

• Pet Benefit Option.