Senior Application Security Engineer

3 days ago


Draper UT United States BAMM Staffing Full time

Contract to Hire, Onsite in Draper Utah (US Citizen or GC Only)

As a Senior Application Security Engineer, you will work to support the various processes and procedures related to application security and gather information from product engineering teams related to these activities. You will make a difference in promoting a culture of security inside the engineering organization and work with engineers to produce more secure applications. You will work to both collect and disseminate information throughout the business to ensure processes and procedures are operating efficiently and effectively. You will support the developers in their efforts to secure our applications and assist in the documentation and tracking of various application security and cloud.

What You Will Do

  • Collaborate with engineers, consultants, and leadership to address security risks and provide mitigation recommendations within the Secure Development Lifecycle (SDLC)
  • Build automated code scanning tools to identify security vulnerabilities in application code and infrastructure code using both open-source and commercial tools
  • Integrate open-source and/or commercial static application code scanning tools with the CI/CD pipeline
  • Enable secure-by-default best practices by developing libraries and frameworks to prevent future vulnerabilities
  • Operate at enterprise scale by building and managing tools that help test, monitor, and improve application security
  • Develop security standards, preferred implementation patterns, secure common frameworks, and developer documentation and educational materials
  • Provide secure developer training to software engineers on how to write secure code and follow best practices
  • Conduct web app penetration testing, code scanning, and dependency scanning that can be incorporated into the SDLC process and CI/CD pipeline
  • Work closely with the development team to provide guidance and mitigate security vulnerabilities
  • Perform security architecture and design reviews of all systems and applications.
  • Provide a leadership role in the development, implementation and maintenance of consistent application and infrastructure architecture security programs

Qualifications

  • 3+ years of experience working in an application security role
  • You have a background in web application development and/or code auditing and can get deep into the code to find and resolve security problems
  • You have experience with static and dynamic code analyzers
  • You have experience with software composition analysis tools
  • Web application penetration testing and source code vulnerability analysis skills
  • Extensive knowledge of internet security issues, cloud architectures, and threat landscape
  • General understanding of application and cloud security threats and vulnerabilities, including OWASP Top 10, SANS Top 25, etc.
  • Professional security certification: CISSP, GIAC, GWEB, GWAP or other similar credentials.
  • Experience with Burp Suite, Zed Attack Proxy (ZAP), or a similar dynamic testing tool
  • Knowledge of current development practices, including containerized applications, microservice architectures, serverless architectures, native mobile applications, responsive web applications, etc. is a plus

Ideal Candidate Profile

  • Developer background with extensive experience (5-10 years) writing and understanding source code.
  • Must have the mindset and initiative to analyze and fix vulnerabilities in source code, either independently or through tool usage (open-source or standard).
  • Familiarity with multiple programming languages, with a preference for Ruby.

Responsibilities

  • Lead efforts with a security team (managing 2-3 people) and collaborate with 150+ full-time engineers, plus additional contractors.
  • Ability to communicate with technical and non-technical stakeholders (e.g., explaining issues to CTO, proposing remediation plans).
  • Manage multiple layers of infrastructure, source code, and application criticality.

Technical Skills

  • Must have familiarity with GitHub Advanced Security or GitLab Ultimate for static and dynamic code analysis, dependency scanning, and vulnerability management.
  • Knowledge of other tools like Snyk is a bonus but not essential.
  • Ability to automate tasks using scripts (e.g., generating vulnerability reports).

Required Skills

  • Hands-on experience with integrating security tools into CI/CD pipelines.
  • Experience with automated code scanning and vulnerability assessment tools.
  • Ability to identify the right point in the pipeline for security interventions.

Penetration Testing

  • Thorough understanding of OWASP framework.
  • Expertise in both automated and manual penetration testing approaches.


