Application Security Engineer (AppSec)

Remote Full-time
About the position

The Application Security Engineer (AppSec) is responsible for ensuring the security of applications, APIs, and software components throughout the software development lifecycle.
Operating within the SecOps domain and reporting to the Information Security Officer (ISO), the AppSec role focuses on secure design, code-level security, vulnerability identification, and controlled offensive testing, ensuring that applications meet organizational security standards before and after deployment.
This role owns what is built securely, not cloud platform configuration or CI/CD automation.
This position is hybrid, requiring on-site presence with a schedule of:
3 days on-site
2 days remote

Responsibilities
• Perform application security testing, including SAST, SCA, and DAST analysis.
• Execute internal manual penetration testing of applications and APIs on a quarterly basis, within approved scope.
• Conduct threat modeling for new applications and significant changes.
• Identify, analyze, and document application-level vulnerabilities and security weaknesses.
• Work directly with development teams to support secure remediation and secure coding practices.
• Define and maintain secure coding standards aligned with OWASP Top 10 and OWASP API Top 10.
• Validate that security findings are properly remediated before release.
• Maintain vulnerability tracking and reporting in Archer or approved systems.
• Support ISO during audits and security assessments by providing application security evidence.

Requirements
• 3+ years of experience in application security, secure software development, or ethical hacking.
• Strong knowledge of secure coding principles and common application vulnerabilities.
• Hands-on experience with SAST, DAST, and SCA tools.
• Experience performing manual application and API penetration testing.
• Familiarity with REST APIs, authentication mechanisms, and authorization models.
• Understanding of CI/CD pipelines from a security testing perspective.
• Strong documentation and vulnerability reporting skills.

Apply tot his job

Apply To this Job
Apply Now →

Similar Jobs

Experienced Registered Behavior Technician for In-Home ABA Therapy - Atlanta, GA

Remote

Immediate Hiring: Experienced Registered Behavioral Technician (RBT) for Clinic-Based ABA Therapy Services

Remote

Experienced Registered Behavioral Technician (RBT) - ABA Therapy for Children with Autism Spectrum Disorder

Remote

Experienced Registered Nurse - Telehealth: Providing Remote Care Coordination and Patient Support

Remote

Experienced Substitute Teacher for Riverside County Schools - Join Scoot Education's Innovative Team

Remote

Experienced Substitute Teacher for San Bernardino County - Flexible Schedules & Competitive Pay

Remote

Experienced School Year Instructional Coach for High-Dosage Tutoring Programs in Edgewater Park, NJ

Remote

Experienced School Year Tutor for K-8 Students in Math and Literacy - Mickleton, NJ

Remote

Experienced Secondary Social Studies Teacher for Kansas - Flexible Hybrid Remote Arrangement

Remote

USPS Office Helper

Remote

Spanish Bilingual Remote Customer Service Representative

Remote

Online English Tutor Energetic/ Engaging / Great with Kids/ /26/hr / Bonus/

Remote

**Experienced Customer Service Representative – Work From Home Opportunity at arenaflex**

Remote

ECM Clinical Manager (RN)

Remote

Part Time Porter- Fridays and Saturdays – Amazon Store

Remote

Senior Cloud Consultant SAP SuccessFactors | Wien oder remote | Vollzeit & Teilzeit |Orbis Austria Gmbh

Remote

**Experienced Virtual Customer Service Representative – Remote Work Opportunity at arenaflex**

Remote

Now Hiring in Colorado: Remote Deaf/Hard of Hearing Teacher

Remote

Urgently Hiring: Urgently Need Family-Teaching Couple - Rhode

Remote

Account Manager IV

Remote
← Back