Application Security Engineer - Mid-Atlantic region (Remote in VA, MD, PA, NC, DE, NJ, or DC)
Skills
- Proficiency implementing and troubleshooting SAST tools
- Practical experience with CI/CD tooling and pipeline integration
- Software engineering background, ideally full-stack development
- Strong scripting and automation using one or more languages
- Working knowledge of OWASP Top 10, threat modeling, and secure coding
- Excellent written and verbal communication skills
Responsibilities
- Implement, configure, and troubleshoot SAST tools (e.g., Semgrep, Snyk, CodeQL, Checkmarx, Veracode) across projects
- Integrate automated application security testing into CI/CD pipelines (GitHub Actions, GitLab, Azure DevOps, Jenkins, etc.)
- Collaborate with development teams to triage findings, provide remediation guidance, and improve secure coding practices
- Write, adapt, and maintain custom SAST rules and detection logic
- Validate and reproduce vulnerabilities using tools such as Burp Suite and other assessment tooling
- Automate security workflows and build/operate security tooling within development pipelines
- Perform threat modeling and promote secure design across the SDLC
- Document processes, produce technical reports, and communicate findings to technical and non-technical stakeholders
Education
- Bachelor’s degree in a relevant discipline or equivalent experience
- Equivalent professional experience in lieu of degree accepted
- 3-5 years of security engineering experience in information security
Benefits
- Primarily remote workforce (U.S.-based)
- Group medical insurance with strong employer contributions (multiple plan options)
- Group dental insurance with employer-covered employee premiums
- Flexible Time Off (FTO) program and 12 corporate holidays
- Mobile phone and home internet allowance
- Retirement plan eligibility after 2 months (open enrollment)
- Pet benefit option
- Opportunities for mentorship and career growth at a rapidly expanding firm
Average salary estimate
If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.
GuidePoint Security is hiring an Employee Relations Specialist to partner with leaders and deliver employee relations, performance and retention strategies in a primarily remote environment.
Experienced Okta Architect wanted to lead enterprise IAM design, deployment, and lifecycle solutions for GuidePoint Security's large commercial and government clients.
Lead the Storrs Tech Shop as Department Manager, overseeing sales, repairs, inventory, and a small team to deliver expert tech support and exceptional customer service on campus.
UChicago Medicine is hiring an Epic Provider Admin and Data Courier Analyst - Intermediate to configure Epic Provider Administration and Data Courier solutions and support clinical application needs across the organization.
Middlebury College seeks an Audio Visual Technology Specialist I to provide frontline A/V support for classrooms, events, and campus video platforms.
Experienced Level 2 Service Technician sought to deliver hands-on Windows, server, virtualization and network support for clients on a defined CST schedule.
Toyota R&D needs a seasoned OneTech Analyst to lead management and security of engineering client systems at the Saline, MI campus.
Evolv is hiring a Senior Business Applications Administrator to own NetSuite and related enterprise systems, delivering secure, compliant, and scalable business application solutions for a high-growth public company.
Lead Oregon’s enterprise cybersecurity operations as the Chief Cybersecurity Technology Director, partnering with the State CISO to build and manage a best-in-class information security and compliance program.
Work within MUFG’s security operations to detect, investigate, and respond to cybersecurity threats while helping strengthen detection, automation, and forensic capabilities across the enterprise.
Provide advanced Level 2 remote IT support for MSP clients, resolving complex Microsoft 365, networking, security, and VoIP issues while maintaining compliance and documentation.
An experienced SQL Server Database Administrator with an active TS/SCI clearance is needed to design, secure, and optimize mission-critical databases supporting Intelligence Community operations in Quantico, VA.
Lead citywide cyber resilience efforts by designing and executing multi-stakeholder exercises, refining incident response playbooks, and driving improvements across agencies for New York City Cyber Command.
Riptide Technology is hiring a Senior Systems Administrator II to operate and secure enterprise Windows/Linux/Citrix systems at a TS/SCI-cleared, onsite government location in Springfield, VA.
Serve Oakland County by troubleshooting mobile and telecommunications equipment and coordinating deployments to ensure reliable communications for staff and constituents.
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you ...
28 jobs
🔮
Hi, I'm Risa! Your AI Career Copilot
you, just ask me below!
