Application Security Engineer

1 month, 3 weeks ago
Full-time
Mid Level
Cybersecurity
ClearCapital.com

Clear Capital is a real estate valuation technology company that provides valuation services, data and analytics tools, and a full suite of appraisal services. They offer intelligent valuation solutions for properties nationwide, serving the mortgage a...

Real Estate
1-10

Description

  • Perform application security testing on web applications, mobile applications, microservices, infrastructure code, and open source code.
  • Collaborate with internal teams to define the scope, methodology, and coverage of security testing activities.
  • Plan and execute application security testing throughout all phases of the software development life cycle.
  • Identify vulnerabilities in application code and weaknesses in secure coding practices.
  • Create reports that document security issues, assess risk levels, and provide actionable remediation recommendations.
  • Assess discovered vulnerabilities and recommend solutions to reduce risk and mitigate security impacts.
  • Focus on automation to improve the efficiency of both testing and remediation efforts.
  • Communicate findings, risks, conclusions, and recommendations to technical and non-technical stakeholders.
  • Educate development engineers on secure coding practices and contribute to application security awareness.
  • Consider and communicate the business and operational impact of unresolved security vulnerabilities.

Requirements

  • 3-5 years of proven experience in application security testing.
  • Experience with Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Open Source Security (OSS) testing, Software Composition Analysis (SCA), and Infrastructure as Code (IaC).
  • Bachelor’s degree in a technically related field such as Computer Science, Information Technology, or Software Engineering, or equivalent work experience.
  • Relevant certifications such as EC-Council Certified Application Security Engineer (C|ASE), (ISC)2 Certified Secure Software Lifecycle Professional (CSSLP), or GIAC Web Application Penetration Tester (GWAPT).
  • Experience testing web applications for OWASP Top Ten security vulnerabilities.
  • Thorough understanding of the Software Development Life Cycle (SDLC).
  • Experience promoting and implementing secure coding practices and training development teams on secure development practices.
  • Strong verbal and written communication skills with the ability to explain technical concepts to technical and non-technical audiences.
  • Ability to plan and execute tests with strong attention to detail, prioritize tasks, manage time effectively, and meet deadlines.
  • Strong analytical and problem-solving skills, ethical integrity, collaboration ability, and a commitment to continuous technical learning.

Benefits

  • Base salary range of $80,000 to $110,000 annually, depending on location, experience, and qualifications.
  • Company profit-sharing bonus program, communication stipends, and referral bonuses.
  • Comprehensive medical, dental, and company-paid vision insurance.
  • 401(k) retirement plan with employer match.
  • Paid time off (PTO) and paid holidays.
  • Employee assistance and wellness programs, plus company-paid short-term disability coverage.
  • Company contributions to health savings funds with participation in the high deductible health plan.
  • Free access to Galileo for virtual primary care and Rula for virtual mental health resources.
  • Career and skill development resources to support professional growth.
