Application Security Engineer
Remote · United States or Tempe, Arizona, United States
Job Summary
Application Security Engineer responsible for providing application security expertise throughout the SDLC and driving Application Security Analytics. Conduct security reviews and penetration testing of web/mobile apps, perform threat modeling, design secure architectures, develop security tooling and guidance, deliver security metrics to stakeholders, and train internal development teams on security best practices. Roles include creating security guidance documentation, supporting recruiting activities, and advancing the organization’s security posture through hands-on testing, risk assessment, and collaboration with engineering teams.
Required Qualifications
- 5+ years' experience with emphasis on application development, application security or related fields
- 3+ years of programming in Python, Ruby, Go, Swift, Java, .Net, C++ or similar object-oriented language experience
- 2+ years of threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
- 3+ years' experience in application security technologies with knowledge of application security threats, threat modeling, attack surface analysis, penetration testing, software vulnerability assessments, and understanding of software security threat vectors
- Knowledge of Component Analysis using tools such as OWASP Dependency-Check, Bytesafe Dependency Checker, Patton, PHP Security Checker, etc.
- Experience with static and dynamic application security testing
- Experience with AWS products and services
- Bachelor's degree in computer science or equivalent
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.