Senior Application Security Engineer, Corporate Information Security- Remote (Anywhere in the U.S.)
Skills
- 8+ years in application security, software engineering, or related roles with strong SDLC security integration experience.
- Hands-on development experience with Java, Python, and JavaScript/TypeScript and security-focused pull request reviews.
- Experience with SAST/DAST tools and manual testing (e.g., Checkmarx, CodeQL, Burp Suite) and AI-assisted security tools.
- Automation experience with SCA, secret scanners, IaC scanners, and container/image scanners and integrating them into CI/CD.
- Familiarity with CI/CD platforms (GitHub Actions, GitLab CI, Jenkins, CircleCI) and modern DevSecOps practices.
- Knowledge of security telemetry/runtime monitoring tools (Wiz, Lacework, Falco, Datadog) and incident response support.
- Strong understanding of OWASP Top 10, CWE, secure coding standards, and threat modeling (STRIDE/PASTA).
Responsibilities
- Embed security practices across architecture, design, code, and CI/CD pipelines including hands-on secure code reviews and PR security checkpoints.
- Perform automated and manual vulnerability discovery (SAST/DAST), manual code reviews, and penetration testing for web and mobile applications.
- Design and implement security automation in CI/CD for SCA, secret detection, IaC scanning, container/image scanning, and dependency monitoring.
- Implement production telemetry and runtime monitoring with AI-driven anomaly detection and automated response capabilities.
- Lead architecture reviews and threat modeling sessions to identify design-level risks and influence secure system patterns.
- Support incident response, remediation, root cause analysis, and post-incident hardening.
- Define, track, and report application security metrics and drive continuous improvement of the AppSec program.
Education
- Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or equivalent experience.
- Relevant security certifications encouraged (CISSP, CSSLP, OSCP, SANS/GIAC) — preferred but not strictly required.
Benefits
- Group medical insurance with employer-paid premium contributions (zero deductible PPO or HDHP with HSA options).
- Group dental insurance with employer-paid employee premiums and family coverage contribution.
- Flexible Time Off (FTO) and 12 corporate holidays.
- Healthy mobile phone and home internet allowance.
- Retirement plan eligibility after open enrollment (after ~2 months).
- Pet benefit option and remote-first work environment.
- Opportunities for mentorship, career growth, and working with leading security vendors and enterprise customers.
Average salary estimate
If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.
GuidePoint Security seeks an early-career OT Security Analyst to support industrial cybersecurity assessments and client deliverables across critical infrastructure environments in a remote, growth-oriented role.
GuidePoint Security is hiring a self-motivated Vulnerability Analyst to support vulnerability management programs, perform scan analysis, and drive remediation strategies across enterprise environments.
Senior IT applications leader to oversee Epic, Workday and Infor implementations and ongoing application strategy across a multi-hospital health system, driving informatics, governance and change management.
Experienced Windows systems engineer with Top Secret clearance needed to support and manage classified Windows Server environments and endpoint platforms in deployed and fielded operations.
RainFocus is hiring a Helpdesk Technician in Lehi, UT to deliver first-level support for Windows and macOS systems and ensure smooth IT operations for internal users.
Experienced Applications Engineer needed to support and troubleshoot Oracle Applications in a production environment, providing on-call weekend coverage and collaborating with global teams.
Lead Sentry’s security strategy and organization to secure its SaaS platform and open-source offerings while building automated, scalable controls and product-facing security features.
Lead and scale Mercer Advisors' enterprise infrastructure and operations to deliver secure, highly available systems and outstanding end-user support across a distributed workforce.
Senior M365 Exchange Engineer needed to lead design, migration, and operational support of Exchange Online and broader Microsoft 365 services for a government-focused CACI team.
Lead Infrastructure Engineer to architect and manage resilient hybrid cloud and on-prem infrastructure for Fortune Brands' Deerfield campus.
Mandolin is hiring an experienced IT Engineer to own infrastructure, security, and compliance-aligned IT practices for a fast-growing, regulated healthcare AI startup.
Provide hands-on network operations and system administration support for a DoD base infrastructure modernization effort at Peterson SFB, ensuring secure, reliable network and server operations.
As a SOC Analyst I based in Grand Rapids, you will monitor security telemetry, investigate alerts, and execute incident response playbooks to help protect the organization from threats.
Experienced enterprise and solution architect needed to lead architecture roadmaps and integrate cloud, data, application, and infrastructure solutions for FAA modernization efforts.
stow is hiring an onsite IT Coordinator in Adairsville to manage plant IT infrastructure and production applications while coordinating with Corporate IT.
GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you ...
13 jobs
🔮
Hi, I'm Risa! Your AI Career Copilot
you, just ask me below!
