Application Security Engineer

1 week, 3 days ago
Full-time
Mid Level
Cybersecurity
ClearCapital.com,

Clear Capital is a real estate valuation technology company that provides valuation services, data and analytics tools, and a full suite of appraisal services. They offer intelligent valuation solutions for properties nationwide, serving the mortgage a...

Real Estate
1-10

Description

  • Perform application security testing on web applications, mobile applications, microservices, infrastructure code, and open source code.
  • Collaborate with internal teams to define the scope, methodology, and coverage of security testing activities.
  • Plan and execute application security testing throughout all phases of the software development life cycle.
  • Identify vulnerabilities in application code and weaknesses in secure coding practices.
  • Create reports that document security issues, assess risk levels, and provide actionable remediation recommendations.
  • Assess discovered vulnerabilities and recommend solutions to reduce risk and mitigate security impacts.
  • Focus on automation to improve the efficiency of both testing and remediation efforts.
  • Communicate findings, risks, conclusions, and recommendations to technical and non-technical stakeholders.
  • Educate development engineers on secure coding practices and contribute to application security awareness.
  • Consider and communicate the business and operational impact of unresolved security vulnerabilities.

Requirements

  • 3-5 years of proven experience in application security testing.
  • Experience with Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Open Source Security (OSS) testing, Software Composition Analysis (SCA), and Infrastructure as Code (IaC).
  • Bachelor’s degree in a technically related field such as Computer Science, Information Technology, or Software Engineering, or equivalent work experience.
  • Relevant certifications such as EC-Council Certified Application Security Engineer (C|ASE), (ISC)2 Certified Secure Software Lifecycle Professional (CSSLP), or GIAC Web Application Penetration Tester (GWAPT).
  • Experience testing web applications for OWASP Top Ten security vulnerabilities.
  • Thorough understanding of the Software Development Life Cycle (SDLC).
  • Experience promoting and implementing secure coding practices and training development teams on secure development practices.
  • Strong verbal and written communication skills with the ability to explain technical concepts to technical and non-technical audiences.
  • Ability to plan and execute tests with strong attention to detail, prioritize tasks, manage time effectively, and meet deadlines.
  • Strong analytical and problem-solving skills, ethical integrity, collaboration ability, and a commitment to continuous technical learning.

Benefits

  • Base salary range of $80,000 to $110,000 annually, depending on location, experience, and qualifications.
  • Company profit-sharing bonus program, communication stipends, and referral bonuses.
  • Comprehensive medical, dental, and company-paid vision insurance.
  • 401(k) retirement plan with employer match.
  • Paid time off (PTO) and paid holidays.
  • Employee assistance and wellness programs, plus company-paid short-term disability coverage.
  • Company contributions to health savings funds with participation in the high deductible health plan.
  • Free access to Galileo for virtual primary care and Rula for virtual mental health resources.
  • Career and skill development resources to support professional growth.
