Senior Application Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)

4 hours, 52 minutes ago
Full-time
Senior
Software Development
GuidePoint Security

GuidePoint Security

GuidePoint Security is a trusted cybersecurity consulting firm that provides expertise, solutions, and services to help organizations make informed decisions and minimize risks. Their elite team of experts offers holistic perspectives on cybersecurity,...

Internet Software & Services
251-1K
Founded 2011

Description

  • Implement, operationalize, and troubleshoot Static Application Security Testing (SAST) tools across development environments.
  • Work with CI/CD pipeline tools and processes to integrate security into software delivery workflows.
  • Apply application security fundamentals, including the OWASP Top 10, threat modeling, and secure coding practices across the SDLC.
  • Use scripting and automation to support security engineering and workflow efficiency.
  • Collaborate on secure development lifecycle practices and proactive security integration into the development process.
  • Validate vulnerabilities and help triage and remediate technical issues found by web application scanning tools.
  • Build and operate security tools within CI/CD pipelines.
  • Support the evaluation and use of application security tools such as IAST, DAST, SCA, and API security solutions.
  • Communicate findings and recommendations clearly in written and verbal formats.

Requirements

  • 5-7 years of security engineering experience in the Information Security industry.
  • Bachelor’s degree in a relevant discipline or equivalent experience.
  • Proficiency with implementing, operationalizing, and troubleshooting SAST tools such as Semgrep, Snyk, CodeQL, Checkmarx, and Veracode.
  • Understanding of CI/CD pipeline tools and processes such as GitHub Actions, GitLab Runners, Azure DevOps, Jenkins, and CircleCI.
  • Experience in software engineering, ideally full stack development, including modern technologies and application architectures.
  • Strong scripting and automation experience using one or more programming languages.
  • Solid working knowledge of application security fundamentals, including the OWASP Top 10, threat modeling, and secure coding practices throughout the SDLC.
  • Excellent written and verbal communication skills.
  • Experience writing or adapting custom SAST rules in Semgrep or CodeQL, preferred.
  • Familiarity with additional application security tools such as IAST, DAST, API security, and SCA, preferred.
  • Familiarity with API security tools such as NoName, Traceable, Salt, and Cequence, preferred.
  • Practical hands-on experience validating vulnerabilities and proficiency with Burp Suite, preferred.
  • Experience triaging and remediating technical vulnerabilities identified by web application scanning tools, preferred.
  • Past experience as an application security practitioner or software engineer, preferred.

Benefits

  • Remote workforce primarily for U.S.-based employees, with some travel or on-site work required for certain Federal positions.
  • Group medical insurance options with significant employer-paid premiums, including PPO and High Deductible Health Plan choices.
  • Group dental insurance with GuidePoint paying 100% of employee premiums and 75% of family plan premiums.
  • 12 corporate holidays plus a Flexible Time Off (FTO) program.
  • Healthy mobile phone and home internet allowance.
  • Eligibility for the retirement plan after 2 months at open enrollment.
  • Pet benefit option.


Similar Roles

Application Security Intern

Rubrik 1K-5K IT Services

Rubrik is hiring an Application Security Engineering intern to help strengthen its secure software development life cycle and support security work across products and applications.

Cybersecurity Docker Go JavaScript Kubernetes Microservices Python Scala TypeScript
22 minutes ago

Senior Product Security Engineer

Tines 51-250 Construction & Engineering

Tines is hiring a Senior Product Security Engineer in a remote U.S. role to lead product security efforts and scale security controls across an AI-forward engineering environment as the company’s product portfolio grows.

AWS CI/CD DevSecOps Docker Kubernetes Ruby Rust TypeScript
1 hour, 7 minutes ago

Product Security Engineer

ShopBack 1K-5K IT Services

ShopBack is hiring a Product Security Engineer to help secure its cloud-native, microservices, web, and mobile products across the software development lifecycle as the company scales its shopping, rewards, and payments platform.

Go LLM Microservices Node.js Python TypeScript
1 day, 4 hours ago

Principal Product Security Researcher

Chainguard 51-250 Internet Software & Services

Chainguard is hiring a Staff Product Security Engineer to embed security into cloud-native product and CI/CD systems, helping protect hardened open source builds used by enterprise customers.

AWS GCP GitHub Actions Go Kubernetes OWASP Penetration Testing Python Secrets Management Tekton
1 day, 12 hours ago
