ClearCapital.com,

ClearCapital.com,

Clear Capital is a real estate valuation technology company that provides valuation services, data and analytics tools, and a full suite of appraisal services. They offer intelligent valuation solutions for properties nationwide, serving the mortgage a...

Real Estate
1-10

Description

  • Plan and perform application security testing across all phases of the software development lifecycle.
  • Assess vulnerabilities and recommend risk-mitigating solutions, using automation to improve testing and remediation efficiency.
  • Communicate findings, risks, and recommendations to stakeholders and track progress against SLAs and business metrics.
  • Lead AI security initiatives, including threat modeling for production LLM stacks and auditing third-party models and APIs.
  • Participate in product and application projects with business and technical teams to improve security early in development.
  • Collaborate with architects and development teams to drive secure design practices using established standards and frameworks.
  • Define, maintain, and follow an automated and repeatable security review process.
  • Monitor the security community for emerging issues and new testing tactics.
  • Train developers and junior application security engineers on common weaknesses and secure practices.
  • Assess the security of business-to-business initiatives, third-party relationships, outsourced solutions, and vendors.

Requirements

  • 4+ years of related experience.
  • Bachelor’s degree in a technically related field such as Computer Science, Information Technology, or Software Engineering, or equivalent work experience.
  • Technical and analytical background in software development and scripting languages such as Java, Python, C++, Ruby, JavaScript, PowerShell, or PHP.
  • Hands-on experience with Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA) tools.
  • Experience with threat modeling, vulnerability testing, penetration testing, API security, OWASP Top Ten mitigation, and securing applications in AWS and private cloud environments.
  • Relevant certifications such as C|ASE, CSSLP, GWAPT, OSCP, or equivalent.
  • Experience with security and compliance frameworks such as ISO 27001, NIST, GDPR, CIS, or SOC 2.

Benefits

  • Base salary range of $111,000 to $144,400 annually, depending on location, experience, and qualifications.
  • Eligibility for a company profit-sharing bonus program, communication stipends, and referral bonuses.
  • Comprehensive medical, dental, and company-paid vision insurance.
  • 401(k) retirement plan with employer match.
  • Paid time off and paid holidays.
  • Employee assistance and wellness programs, including company-paid access to Galileo for virtual primary care and Rula for virtual mental health resources.
  • Company-paid short-term disability coverage and company contributions to health savings funds for eligible high-deductible health plan participants.
  • Career and skill development resources to support professional growth.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Senior Application Security Engineer

Canary 11-50 Internet Software & Services

Canary Technologies is hiring a Senior Application Security Engineer to embed security into its fully remote engineering organization and help keep its hospitality software platform secure and scalable.

AWS Burp Suite CI/CD DevSecOps Encryption GitHub Actions GitOps Go Helm JavaScript Kubernetes Penetration Testing Python Secrets Management SonarQube Terraform
14 hours, 54 minutes ago

Senior Mobile Security Engineer (Android/iOS)

Coforge 10K-50K IT Services

A mobile security engineer role focused on hardening Android and iOS applications, building reusable protection components, and validating defenses against real-world attacks.

Android iOS Java Kotlin Objective-C Penetration Testing Swift TLS
1 day, 14 hours ago

Lead Application Security Engineer

Coforge 10K-50K IT Services

Application Security role at a banking organization focused on securing new financial features, automating security checks, and guiding development teams on secure design and coding practices.

GitHub Actions GitLab CI Go Java Jenkins Kotlin Microservices Node.js SonarQube Swift
1 day, 14 hours ago

Product Security Engineer

Action1 11-50 Internet Software & Services

Action1 is hiring a Product Security Engineer to secure its multi-tenant SaaS platform by working with engineering, product, and security teams to identify risks early and strengthen product security practices.

AWS C++ Cybersecurity DevSecOps JavaScript Network Security Penetration Testing
3 days, 14 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers