RemoteLeaf Logo
Log in Sign up

Senior Application Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)

11 hours, 19 minutes ago
United States
Full-time
Senior
Application Security Engineer
Software Development
Azure Burp Suite CI/CD CircleCI GitHub Actions Jenkins
Apply Now
GuidePoint Security

GuidePoint Security

GuidePoint Security is a trusted cybersecurity consulting firm that provides expertise, solutions, and services to help organizations make informed decisions and minimize risks. Their elite team of experts offers holistic perspectives on cybersecurity,...

Internet Software & Services
251-1K
Founded 2011
View All Jobs 41

Description

  • Implement, operationalize, and troubleshoot Static Application Security Testing (SAST) tools across development environments.
  • Work with CI/CD pipeline tools and processes to integrate security into software delivery workflows.
  • Apply application security fundamentals, including the OWASP Top 10, threat modeling, and secure coding practices across the SDLC.
  • Use scripting and automation to support security engineering and workflow efficiency.
  • Collaborate on secure development lifecycle practices and proactive security integration into the development process.
  • Validate vulnerabilities and help triage and remediate technical issues found by web application scanning tools.
  • Build and operate security tools within CI/CD pipelines.
  • Support the evaluation and use of application security tools such as IAST, DAST, SCA, and API security solutions.
  • Communicate findings and recommendations clearly in written and verbal formats.

Requirements

  • 5-7 years of security engineering experience in the Information Security industry.
  • Bachelor’s degree in a relevant discipline or equivalent experience.
  • Proficiency with implementing, operationalizing, and troubleshooting SAST tools such as Semgrep, Snyk, CodeQL, Checkmarx, and Veracode.
  • Understanding of CI/CD pipeline tools and processes such as GitHub Actions, GitLab Runners, Azure DevOps, Jenkins, and CircleCI.
  • Experience in software engineering, ideally full stack development, including modern technologies and application architectures.
  • Strong scripting and automation experience using one or more programming languages.
  • Solid working knowledge of application security fundamentals, including the OWASP Top 10, threat modeling, and secure coding practices throughout the SDLC.
  • Excellent written and verbal communication skills.
  • Experience writing or adapting custom SAST rules in Semgrep or CodeQL, preferred.
  • Familiarity with additional application security tools such as IAST, DAST, API security, and SCA, preferred.
  • Familiarity with API security tools such as NoName, Traceable, Salt, and Cequence, preferred.
  • Practical hands-on experience validating vulnerabilities and proficiency with Burp Suite, preferred.
  • Experience triaging and remediating technical vulnerabilities identified by web application scanning tools, preferred.
  • Past experience as an application security practitioner or software engineer, preferred.

Benefits

  • Remote workforce primarily for U.S.-based employees, with some travel or on-site work required for certain Federal positions.
  • Group medical insurance options with significant employer-paid premiums, including PPO and High Deductible Health Plan choices.
  • Group dental insurance with GuidePoint paying 100% of employee premiums and 75% of family plan premiums.
  • 12 corporate holidays plus a Flexible Time Off (FTO) program.
  • Healthy mobile phone and home internet allowance.
  • Eligibility for the retirement plan after 2 months at open enrollment.
  • Pet benefit option.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

SpaceX

Product Security Engineer (Starlink)

SpaceX 10K-50K Aerospace & Defense

SpaceX is hiring a Product Security Engineer for Starlink to design and strengthen security across the company’s satellite internet systems, from software and infrastructure to factory and network processes.

United States Full-time Mid Level Application Security Engineer
$130k-$180k
C C++ Go Network Security Python TCP/IP
3 hours, 21 minutes ago
TrueML

Sr. Application Security Engineer

TrueML 51-250 Internet Software & Services

TrueML is hiring a Senior Application Security Engineer to secure applications across the software development lifecycle for its remote U.S. product and technology team.

United States Full-time Lead Application Security Engineer
$125k-$140k
AWS CI/CD Docker Go JWT Kubernetes OAuth OWASP Python SAML SIEM WAF
8 hours, 6 minutes ago
Crypto.com

Application Support Engineer — Blockchain Security & AI Automation

Crypto.com 1K-5K Capital Markets

Crypto.com is hiring an Application Support Engineer in its Blockchain Security team to keep production blockchain applications stable while improving support operations through AI-driven automation.

United Kingdom Full-time Mid Level Application Security Engineer
Blockchain Encryption Go LLM Node.js Python REST API Rust Solana
15 hours, 24 minutes ago
Tines

Senior Product Security Engineer

Tines 51-250 Construction & Engineering

Tines is hiring a Senior Product Security Engineer in a remote U.S. role to lead product security efforts and scale security controls across an AI-forward engineering environment as the company’s product portfolio grows.

United States Full-time Senior Application Security Engineer
$218k-$235k
AWS CI/CD DevSecOps Docker Kubernetes Ruby Rust TypeScript
2 days, 8 hours ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers