Application Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)

1 week, 3 days ago
Full-time
Mid Level
Software Development
GuidePoint Security

GuidePoint Security

GuidePoint Security is a trusted cybersecurity consulting firm that provides expertise, solutions, and services to help organizations make informed decisions and minimize risks. Their elite team of experts offers holistic perspectives on cybersecurity,...

Internet Software & Services
251-1K
Founded 2011

Description

  • Implement, operationalize, and troubleshoot Black Duck and Checkmarx across development environments.
  • Work with CI/CD pipeline tools and processes such as GitHub Actions, GitLab Runners, Azure DevOps, Jenkins, and CircleCI.
  • Apply software engineering experience to modern application architectures and full stack development environments.
  • Build scripting and automation to support security testing and related workflows.
  • Support application security fundamentals including secure coding practices, threat modeling, and OWASP Top 10 considerations.
  • Integrate security tools into the software development lifecycle and development process.
  • Validate vulnerabilities and assist with triage and remediation of findings from web application scanning tools.
  • Collaborate with engineering and security teams to improve secure development lifecycle practices.
  • Operate and support automated security testing tools within CI/CD pipelines.
  • Provide clear written and verbal communication to support implementation and troubleshooting efforts.

Requirements

  • Proficiency with the implementation, operationalization, and troubleshooting of Black Duck and Checkmarx.
  • Understanding of CI/CD pipeline tools and processes such as GitHub Actions, GitLab Runners, Azure DevOps, Jenkins, and CircleCI.
  • Experience in software engineering, ideally full stack software development, with modern technologies and application architectures.
  • Strong scripting and automation experience using one or more programming languages.
  • Working knowledge of application security fundamentals, including the OWASP Top 10, threat modeling, and secure coding practices throughout the SDLC.
  • Excellent written and verbal communication skills.
  • Preferred experience with other SAST tools such as Semgrep, CodeQL, and Veracode.
  • Preferred experience writing or adapting custom SAST rules using Semgrep or CodeQL.
  • Familiarity with additional application security tools, including IAST, DAST, API security, and SCA.
  • Familiarity with API security tools such as NoName, Traceable, Salt, and Cequence.
  • Practical hands-on experience validating vulnerabilities and proficiency with Burp Suite.
  • Strong working knowledge of Secure Development Lifecycles and vulnerability triage/remediation from web application scanning tools.
  • Experience building and operating security tools within CI/CD pipelines and proactively integrating security into development processes.
  • Past experience as an application security practitioner or software engineer.
  • Bachelor’s degree in a relevant discipline or equivalent experience.
  • 3-5 years of security engineering experience in the Information Security industry.

Benefits

  • Remote workforce primarily, with U.S.-based work and some travel possible depending on the position.
  • Medical insurance options including a Zero Deductible PPO or High Deductible Health Plan with HSA contributions.
  • Dental insurance with GuidePoint covering 100% of employee premiums and 75% of family plan premiums.
  • 12 corporate holidays and a Flexible Time Off (FTO) program.
  • Mobile phone and home internet allowance.
  • Retirement plan eligibility after 2 months at open enrollment.
  • Pet benefit option.


