[Remote] Application Security Engineer

Remote Full-time
Note: The job is a remote job and is open to candidates in the USA.

Bright Vision Technologies is a forward-thinking software development company dedicated to building innovative solutions that help businesses automate and optimize their operations. They are looking for a skilled Application Security Engineer to embed security throughout the software development lifecycle, partnering with engineering teams to design secure systems and reduce risk across their application portfolio.

Responsibilities

- Conduct threat modeling and security architecture reviews for new and existing applications and services
- Perform manual code reviews, secure design consultations, and pair with engineering teams on hardening critical components
- Operate and tune SAST, DAST, IAST, SCA, and secret-scanning tools across CI/CD pipelines
- Drive vulnerability management workflows including triage, prioritization, owner assignment, and SLA tracking
- Build paved-road libraries and frameworks that make secure patterns the default for engineering teams
- Lead red-team and purple-team exercises against internal applications and drive remediation of identified weaknesses
- Implement and operate runtime protections including WAF, RASP, bot protection, and abuse-detection mechanisms
- Design and enforce secure authentication, authorization, session management, and cryptographic patterns
- Partner with infrastructure and platform teams to harden container, Kubernetes, and cloud environments
- Develop and deliver application security training, lunch-and-learns, and onboarding content for engineering staff
- Respond to security incidents involving application vulnerabilities or active exploitation
- Track and apply emerging threats and CVEs that may affect the application portfolio
- Maintain comprehensive, current technical documentation — including architecture diagrams, design decisions, configuration references, runbooks, and operational procedures — so that the system remains supportable, auditable, and easy to onboard new engineers onto over time
- Stay current with application security research and emerging defensive tooling

Skills

- Bachelor's degree in Computer Science, Cybersecurity, or a related field
- Five or more years of application security or security engineering experience
- Strong understanding of OWASP Top 10, common vulnerability classes, and modern exploit patterns
- Hands-on experience performing code review across at least two major languages
- Deep familiarity with SAST, DAST, SCA, and CI/CD-integrated security tooling
- Strong understanding of authentication, authorization, and cryptographic primitives
- Experience with cloud security and modern infrastructure controls
- Strong communication skills with technical and non-technical audiences
- Proficiency in at least one programming language for tooling and automation
- Experience working closely with engineering teams in an Agile environment
- Industry certifications such as OSCP, OSCE, GWAPT, or CISSP
- Experience with offensive security tooling and red-team operations
- Bug bounty experience, public CVEs, or open-source security contributions
- Familiarity with AI/LLM application security considerations
- Exposure to regulated industries with strict compliance requirements

Benefits

- Full-time, direct W2 with Bright Vision Technologies (no C2C, no 1099, no third-party)
- Competitive base salary commensurate with experience, plus benefits.
- We will support H1B transfers for qualified candidates.

Company Overview

Bright Vision Technologies is an information technology company that offers software development, AI, and cybersecurity services. It was founded in 2020, and is headquartered in Bridgewater, New Jersey, USA, with a workforce of 51-200 employees. Its website is https://bvteck.com.
