Application Security Engineer

📋 Description

• Oversee the deployment and configuration of Wiz CSPM, working in conjunction with infrastructure and DevOps teams to improve visibility and remediation workflows.

• Design, implement, and manage security tools for applications and cloud environments on AWS, including Security Hub, GuardDuty, Macie, Inspector, and related automation.

• Administer secure code scanning processes by integrating SAST (Static Analysis) and DAST (Dynamic Analysis) using Sonar Cloud to identify and address vulnerabilities early in the Software Development Life Cycle (SDLC).

• Develop automated pipelines and playbooks for vulnerability triage, remediation tracking, and metric reporting (MTTD, MTTR).

• Collaborate with software engineering teams to integrate security into CI/CD pipelines and promote secure coding practices.

• Work with the Security, IT, and GRC teams to ensure compliance with SOC 2, HIPAA, and SOX controls.

• Contribute to threat modeling, code reviews, and incident response related to application vulnerabilities.

• Assess and implement new security tools and processes to bolster the overall application security posture.

• Assist in vendor risk assessments and penetration testing efforts pertaining to application components.

• Create and maintain security documentation, architecture diagrams, and operational runbooks.

• Participate in on-call rotations as part of the overarching security operations program.

• Perform other duties as assigned.

⛳️ Requirements

• Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience).

• 1-3+ years of experience in Application Security, DevSecOps, or Cloud Security Engineering roles.

• Practical experience with AWS security services (Security Hub, GuardDuty, Inspector, Macie, IAM, KMS).

• Knowledge of Wiz or similar CSPM platforms.

• Demonstrated experience integrating SAST/DAST tools (e.g., Soar Cloud, Veracode, Snyk, Checkmarx, Burp Suite, etc.) into CI/CD pipelines.

• Familiarity with Docker, Kubernetes, and microservices architectures.

• Experience with WAF, endpoint security, and IAM.

• Strong understanding of the secure software development lifecycle (SSDLC) and common vulnerabilities (OWASP Top 10, CWE, CVSS).

• Proficiency in at least one scripting or automation language (Python, Bash, or similar).

• Proficiency in Java.

• Knowledge of threat modeling, code reviews, and best practices for cloud infrastructure security.

• Excellent collaboration and communication skills, able to engage with both technical and non-technical stakeholders.

• Experience with compliance frameworks such as SOC 2, HIPAA, or HiTrust is advantageous.

• Experience in a high-growth or regulated environment is preferred.

• This is a remote opportunity based in the U.S., with a preferred location in the EST timezone. Applicants must be authorized to work for any employer in the U.S. We are currently unable to sponsor or take over sponsorship of an employment Visa.

🏝️ Benefits

• A competitive compensation package aligned with leading technology companies.

• A remote and accomplished global team.

• Opportunity for equity participation.

• Unlimited vacation with manager approval.

• 16 weeks of 100% paid parental leave for delivering parents and 8 weeks of 100% paid parental leave for non-delivering parents.

• 100% employer-sponsored healthcare, dental, and vision coverage for you, with 80% coverage for your family; Health Savings Account and Flexible Spending Account options available.

• 401k retirement savings plan.