[Remote] Application Security Engineer II

Remote Full-time
Note: The job is a remote job and is open to candidates in USA. National Digital Trust Company (In Organization) is a specialized financial institution focused on providing digital asset services. As an Application Security Engineer II, you will be responsible for designing and managing security practices for applications, collaborating with software engineers to ensure security is integrated throughout the software development lifecycle.ResponsibilitiesPerform automated and manual vulnerability assessments for APIs and web applicationsConduct static (SAST), dynamic (DAST), software composition analysis (SCA), and interactive (IAST) testingReview findings for exploitability and provide actionable remediation guidancePerform manual testing to validate vulnerabilities and ensure secure implementationsPartner with developers to embed security into the SDLCParticipate in and help manage the secure code review approval processPerform product threat modeling and develop threat-focused validation checksEnsure new projects are designed, scoped, and deployed securelyImplement, manage, and optimize application security tools across the organizationSupport the operational management of AppSec programs and workflowsManage cloud security for both internally developed and third-party applicationsContribute to internal security documentation, playbooks, and best practicesSupport Red Team exercises and external penetration testing engagementsAssist in triaging and responding to bug bounty submissionsPerform validation testing to ensure applications meet internal and industry security standardsInvestigate security incidents through research and log analysisContribute to incident response processes, documentation, and continuous improvementBuild or enhance internal tooling to automate security testing, compliance checks, and evidence collectionWrite scripts and utilities to improve efficiency and scalabilityEvaluate and experiment with new tools to improve application security outcomesServe as a security subject matter expert for engineering and business teamsPromote a strong, approachable security culture across the organizationOperate flexibly across multiple responsibilities in a fast-growing environmentSkills3–5+ years of experience in Information Technology, including security tooling3–5+ years of experience as an Application Security Engineer1–3+ years of experience in regulated environments (e.g., financial services, fintech)Strong understanding of web application security principles and architectureExperience with container technologies and container securityProficiency in at least one programming language, with willingness to learn additional languages (e.g., Rust, TypeScript)Experience with CI/CD pipelines and source control tools (Git, GitHub)Experience evaluating Infrastructure-as-Code (IaC) security across cloud environmentsFamiliarity with bug bounty programs (participation or triage)Understanding of OWASP Top 10 and application security best practices across web, DevOps, and emerging AI systemsStrong problem-solving, analytical thinking, and ability to adapt quicklyExperience implementing security controls within DevOps / DevSecOps environmentsKnowledge of application security risks and mitigation strategiesFamiliarity with frameworks and standards such as: NIST 800-53 / CSF 2.0, NIST SSDF (800-218), SOC 2, PCI-DSS, PA-DSSUnderstanding of Content Security Policy (CSP)Ability to identify and explain vulnerabilities such as: XSS, CSRF, injection attacks, MITM attacks, Brute-force and credential attacksInterest in financial services, digital assets, and custodial securityExperience working with AI tools and understanding of security considerations for generative AIFamiliarity with AI-assisted development workflows, agent-based systems, or MCP-based toolsWillingness to learn and adapt to AI-driven SDLC environmentsCuriosity and a continuous improvement mindsetAbility to balance security rigor with engineering velocityStrong communication skills and ability to influence across teamsPassion for building scalable, practical security solutionsBenefitsEmployer-provided: Medical, Dental, and Vision insurance, 401(k), life and disability insurance.Company Overview It was founded in undefined, and is headquartered in , with a workforce of 51-200 employees. Its website is https://www.nationaldigital.com.

Apply Now →
← Back