Application Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)

6 hours, 51 minutes ago
Full-time
Mid Level
Software Development
GuidePoint Security

GuidePoint Security is a trusted cybersecurity consulting firm that provides expertise, solutions, and services to help organizations make informed decisions and minimize risks. Their elite team of experts offers holistic perspectives on cybersecurity,...

Internet Software & Services
251-1K
Founded 2011

Description

  • Implement, operationalize, and troubleshoot Black Duck and Checkmarx across development environments.
  • Work with CI/CD pipeline tools and processes such as GitHub Actions, GitLab Runners, Azure DevOps, Jenkins, and CircleCI.
  • Apply software engineering experience to modern application architectures and full stack development environments.
  • Build scripting and automation to support security testing and related workflows.
  • Support application security fundamentals including secure coding practices, threat modeling, and OWASP Top 10 considerations.
  • Integrate security tools into the software development lifecycle and development process.
  • Validate vulnerabilities and assist with triage and remediation of findings from web application scanning tools.
  • Collaborate with engineering and security teams to improve secure development lifecycle practices.
  • Operate and support automated security testing tools within CI/CD pipelines.
  • Provide clear written and verbal communication to support implementation and troubleshooting efforts.

Requirements

  • Proficiency with the implementation, operationalization, and troubleshooting of Black Duck and Checkmarx.
  • Understanding of CI/CD pipeline tools and processes such as GitHub Actions, GitLab Runners, Azure DevOps, Jenkins, and CircleCI.
  • Experience in software engineering, ideally full stack software development, with modern technologies and application architectures.
  • Strong scripting and automation experience using one or more programming languages.
  • Working knowledge of application security fundamentals, including the OWASP Top 10, threat modeling, and secure coding practices throughout the SDLC.
  • Excellent written and verbal communication skills.
  • Preferred experience with other SAST tools such as Semgrep, CodeQL, and Veracode.
  • Preferred experience writing or adapting custom SAST rules using Semgrep or CodeQL.
  • Familiarity with additional application security tools, including IAST, DAST, API security, and SCA.
  • Familiarity with API security tools such as NoName, Traceable, Salt, and Cequence.
  • Practical hands-on experience validating vulnerabilities and proficiency with Burp Suite.
  • Strong working knowledge of Secure Development Lifecycles and vulnerability triage/remediation from web application scanning tools.
  • Experience building and operating security tools within CI/CD pipelines and proactively integrating security into development processes.
  • Past experience as an application security practitioner or software engineer.
  • Bachelor’s degree in a relevant discipline or equivalent experience.
  • 3-5 years of security engineering experience in the Information Security industry.

Benefits

  • Remote workforce primarily, with U.S.-based work and some travel possible depending on the position.
  • Medical insurance options including a Zero Deductible PPO or High Deductible Health Plan with HSA contributions.
  • Dental insurance with GuidePoint covering 100% of employee premiums and 75% of family plan premiums.
  • 12 corporate holidays and a Flexible Time Off (FTO) program.
  • Mobile phone and home internet allowance.
  • Retirement plan eligibility after 2 months at open enrollment.
  • Pet benefit option.
