Senior Application Security Engineer

1 month ago


Plano, United States Fortune 500 Companies Full time

Senior Application Security Engineer


  • Job Location : Plano, Texas
  • Job Duration: Full Time / Hybrid (2-3 days in office or whenever it’s required)


** NO SPONSORSHIP FROM THE CLIENT**


Job Description

Overview

The Global Application Security Program is responsible for integrating automated security testing into both CI/CD pipelines and continuous monitoring to identify and manage security risks in applications. Our mission is to make security risks visible and actionable to the business and ensure that vulnerabilities are addressed promptly and effectively. This role involves driving the integration of automated security tools into CI/CD pipelines and developing innovative, scalable full-stack solutions, middleware, and automation solutions. This role will be responsible for executing on our strategic application security objectives, providing expert guidance on vulnerability triage and remediation, and fostering a culture of proactive security across the organization.


Responsibilities

  • Implement and manage automated security tools within CI/CD pipelines. Ensure seamless integration and operation to enhance security posture.
  • Integrate and operate a centralized findings management system to efficiently manage and track security vulnerabilities and remediation efforts.
  • Define and implement a strategy to ensure automated security tools are configured to operate in an optimal fashion. Establish and monitor key performance indicators (KPIs) to constantly measure effectiveness and make necessary adjustments for continuous improvement.
  • Develop and maintain green field automation solutions and full-stack applications to support and enhance application security.
  • Provide expert triage and remediation guidance for security vulnerabilities. Assist and mentor team members and other engineering teams in understanding and addressing security issues.
  • Foster a collaborative environment, promote knowledge sharing, and mentor junior engineers to build a strong, skilled security team.
  • Continuously research and raise novel concepts to improve the application security posture of the business. Stay updated with the latest security trends, tools, and practices.
  • Develop technical documentation (i.e., system design, architecture diagrams, data flows, and functional specifications).
  • Contribute to defining the future state of cybersecurity within the organization by conducting technical assessments between the current state and the desired state across security tools and services.
  • Develop program metrics, continuously measure progress and impact, and drive improvements.
  • Collaborate with senior leadership and cross-functional teams, including DevOps, development teams, security operations, data and analytics, enterprise architecture, Platform teams, and sector functions.


Accountabilities:

  • Implement and manage automated security tools within CI/CD pipelines. Ensure seamless integration and operation to enhance the security posture.
  • Integrate and operate a centralized findings management system to efficiently manage and track security vulnerabilities and remediation efforts.
  • Define and implement a strategy to ensure automated security tools are configured to operate in an optimal fashion. Establish and monitor key performance indicators (KPIs) to constantly measure effectiveness and make necessary adjustments for continuous improvement.
  • Develop and maintain green field automation solutions and full-stack applications to support and enhance application security.
  • Provide expert triage and remediation guidance for security vulnerabilities. Assist and mentor team members and other engineering teams in understanding and addressing security issues.
  • Foster a collaborative environment, promote knowledge sharing, and mentor junior engineers to build a strong, skilled security team.
  • Continuously research and raise novel concepts to improve the application security posture of the business. Stay updated with the latest security trends, tools, and practices.
  • Develop technical documentation (i.e., system design, architecture diagrams, data flows, and functional specifications).
  • Contribute to defining the future state of cybersecurity within the organization by conducting technical assessments between the current state and the desired state across security tools and services.
  • Develop program metrics, continuously measure progress and impact, and drive improvements.
  • Collaborate with senior leadership and cross-functional teams, including DevOps, development teams, security operations, data and analytics, enterprise architecture, Platform teams, and sector functions.
  • Execute projects, objectives, and deliverables in alignment with the team's vision, mission, and goals.
  • Create and deliver training sessions; mentor junior team members; and engage in knowledge transfer sessions, technical design reviews, security reviews, and business review meetings.


Qualifications

Years of experience

  • Master’s degree in computer science, Engineering, or a related field, or a Bachelor’s degree with a minimum of 4 years of relevant experience

Mandatory Technical Skills

  • Proficient in at least one programming language (Java, C#, Go) and scripting language (Python, bash, PowerShell).
  • Proficient in at least one database management system and query language (MSSQL, PostgreSQL, etc.)
  • Proficient in developing full-stack applications and rapidly prototyping solutions to support automated data collection, aggregation, and analysis.
  • Proficient in integrating and managing automated security tools within CI/CD pipelines.
  • Proficient in application security vulnerabilities and remediation techniques (e.g., OWASP Top Ten).
  • Proficient in developing and monitoring metrics and KPIs.
  • Experience with application security testing tools (Synopsys, OpenText Fortify, Invicti, Snyk, Semgrep, etc.)
  • Experience with modern CI/CD tools and practices and their integration into the development lifecycle (Jenkins, Azure DevOps, GitHub Enterprise, Circle CI, Heroku, etc.)
  • Experience with public cloud services (Azure, AWS, Alibaba).
  • Experience with Centralized Findings Management Systems (e.g., ServiceNow VR/AVR, PlexTrac, DefectDojo, and ThreatFix).
  • Experience with implementing and managing Web Application Firewalls (Fortinet FortiWeb, Imperva Cloud WAF, Cloudflare WAF, Akamai Kona, MS Azure WAF, AWS WAF, etc.) is a plus.
  • Experience with CMS application security (Wordpress, Drupal, Joomla, Elementor, OpenText TeamSite, Concrete CMS, etc.) is a plus.
  • Experience with generative AI technologies is a plus.


Non-technical Skills

  • Strong communication skills, both verbal and written.
  • high level of integrity and ethical standards.
  • Ability to lead and mentor junior engineers.
  • Excellent problem-solving, analytical, and critical thinking skills.
  • Demonstrated ability to autonomously make high-judgment decisions and take calculated risks.
  • A proactive and positive team player who is impact-focused, driven, curious, analytical, and a self-starter.
  • Ability to establish trust relationships and influence others to positively impact the security posture and the business.
  • Flexible and adaptive to support a dynamic and global environment with diverse stakeholders and ambiguity.
  • Must be able to operate extremely well under pressure.


  • Plano, Texas, United States Caresoft Full time

    Job Title: Senior Application Security EngineerLocation: RemoteJob Type: Full-timeAbout Caresoft:Caresoft is a leading provider of innovative software solutions. We are committed to delivering high-quality products that meet the evolving needs of our customers.Job Summary:We are seeking a highly skilled Senior Application Security Engineer to join our team....


  • Plano, Texas, United States Fortune 500 Companies Full time

    Job Title: Senior Application Security EngineerJob Summary:We are seeking a highly skilled Senior Application Security Engineer to join our team. As a key member of our Global Application Security Program, you will be responsible for driving the integration of automated security tools into CI/CD pipelines and developing innovative, scalable full-stack...


  • Plano, Texas, United States PepsiCo Full time

    Job Title: Senior Application Security EngineerPepsiCo is seeking a highly skilled Senior Application Security Engineer to join our team. As a key member of our Global Application Security Program, you will be responsible for driving the integration of automated security tools into CI/CD pipelines and developing innovative scalable full-stack solutions,...


  • Plano, United States Motion Recruitment Full time

    Our client, a food and beverage company, is looking for an Application Security Engineer to join their team on a 6 month contract in Plano, TX.This role can pay $80-90/hour on a W-2 Contract.This person will join a team that is responsible for integrating automated security testing into both CI/CD pipelines and continuous monitoring to identify and manage...


  • plano, United States Motion Recruitment Full time

    Our client, a food and beverage company, is looking for an Application Security Engineer to join their team on a 6 month contract in Plano, TX.This role can pay $80-90/hour on a W-2 Contract.This person will join a team that is responsible for integrating automated security testing into both CI/CD pipelines and continuous monitoring to identify and manage...


  • Plano, Texas, United States PepsiCo Full time

    Job Title: Senior Application Security EngineerPepsiCo's Global Application Security Program is responsible for integrating automated security testing into both CI/CD pipelines and continuous monitoring to identify and manage security risks in applications. Our mission is to make security risks visible and actionable to the business and ensure that...


  • Plano, Texas, United States PepsiCo Full time

    Job Title: Senior Application Security EngineerPepsiCo's Global Application Security Program is responsible for integrating automated security testing into both CI/CD pipelines and continuous monitoring to identify and manage security risks in applications. Our mission is to make security risks visible and actionable to the business and ensure that...


  • Plano, Texas, United States PepsiCo Full time

    PepsiCo Application Security Engineer Job DescriptionAt PepsiCo, we're committed to protecting our digital assets and ensuring the security of our applications. As an Application Security Engineer, you'll play a critical role in driving our application security program forward.Key Responsibilities:Implement and manage automated security tools within CI/CD...


  • Plano, United States Caresoft Full time

    Title: Sr. Application Security Engineer Location: Plano, Texas (Hybrid) Durartion: Long Term Summary: As a Senior Application Security Engineer, you will play a critical role in ensuring the security of applications and infrastructure for connected services.This role is responsible for designing, implementing, and maintaining security solutions to...


  • Plano, Texas, United States Motion Recruitment Full time

    Job SummaryWe are seeking a highly skilled Lead Application Security Engineer to join our team at Motion Recruitment. As a key member of our security team, you will be responsible for driving the development and execution of our application security strategy.Key ResponsibilitiesDevelop and execute the application security strategy by translating high-level...


  • Plano, Texas, United States Alkami Full time

    Job Title: Senior Security EngineerAbout the Role:We are seeking a highly skilled Senior Security Engineer to join our team at Alkami. As a Senior Security Engineer, you will be responsible for designing and deploying technical and physical controls to mitigate security risks to our cloud digital banking solution and the enterprise.Key...


  • Plano, Texas, United States Motion Recruitment Full time

    Job Title: Lead Application Security EngineerJob Summary:We are seeking a highly skilled Lead Application Security Engineer to join our team. The successful candidate will be responsible for leading a team of application security engineers, driving the integration of automated security tools into CI/CD pipelines, and developing innovative scalable full-stack...


  • plano, United States Motion Recruitment Full time

    Lead Application Security Engineer12 Month Contract (Possible Extension or Contract-to-Hire)Location: Hybrid (Client located in Plano, TX)* Must be able to work on a W-2* Must be local to Plano, TX areaThis company's Global Application Security Program is responsible for integrating automated security testing into both CI/CD pipelines and continuous...


  • Plano, United States Motion Recruitment Full time

    Lead Application Security Engineer12 Month Contract (Possible Extension or Contract-to-Hire)Location: Hybrid (Client located in Plano, TX)* Must be able to work on a W-2* Must be local to Plano, TX areaThis company's Global Application Security Program is responsible for integrating automated security testing into both CI/CD pipelines and continuous...


  • Plano, United States Motion Recruitment Full time

    Lead Application Security Engineer12 Month Contract (Possible Extension or Contract-to-Hire)Location: Hybrid (Client located in Plano, TX)* Must be able to work on a W-2* Must be local to Plano, TX areaThis company's Global Application Security Program is responsible for integrating automated security testing into both CI/CD pipelines and continuous...


  • Plano, Texas, United States Motion Recruitment Full time

    Job Title: Lead Application Security EngineerJoin Motion Recruitment in our mission to find the best talent for our clients.Job Description:We are seeking a highly skilled Lead Application Security Engineer to lead our application security program. As a key member of our team, you will be responsible for driving the integration of automated security tools...


  • Plano, Texas, United States Alkami Full time

    Job Title: Senior Security EngineerJob Summary:Alkami is a leading cloud-based digital banking solutions provider seeking a Senior Security Engineer to join our team. As a Senior Security Engineer, you will be responsible for designing and deploying technical and physical controls to mitigate security risks to our cloud digital banking solution and the...


  • Plano, Texas, United States TEEMA Full time

    Job Title: Senior Network Security EngineerJob Description:We are seeking a highly skilled Senior Network Security Engineer to join our team at TEEMA. As a key member of our engineering team, you will be responsible for designing, implementing, and maintaining our network security solutions.Key Responsibilities:Design and implement network security...


  • Plano, Texas, United States Diverse Lynx Full time

    Job Summary:As a Senior Application Security Specialist at Diverse Lynx LLC, you will play a critical role in ensuring the security of our cloud-based applications. You will be responsible for conducting thorough security reviews, providing coding guidance, and mitigating vulnerabilities in our 3rd party libraries. Your expertise in Java and JavaScript will...


  • Plano, Texas, United States Alkami Full time

    Alkami is a leading cloud-based digital banking solutions provider for financial institutions in the United States that helps clients to transform through retail and business banking, digital account opening and loan origination, payment fraud prevention, and data analytics and engagement solutions. Alkami's Mobile App Platform has been certified by J.D....