Job Description

Role: Sr Application Security Engineer

Location: Forth worth, TX (Hybrid Onsite)

Duration: 12+ months

Key Responsibilities

• Ability to identify, triage, and remediate issues such as injection flaws, insecure deserialization, and misconfigurations.
• Integrate and manage SAST and DAST tools within CI/CD pipelines.
• Collaborate with development teams to remediate vulnerabilities and enforce secure coding standards.
• Design and implement guardrails for AI-powered applications, mitigating risks like prompt injection, model inversion, and data poisoning.
• Develop and maintain security policies, procedures, and documentation.
• Conduct security assessments and provide actionable recommendations.
• Analyze complex problems and implement effective solutions or workarounds.
• Mentor junior engineers and promote security awareness across teams.
• Build and maintain CI/CD pipelines using tools like CloudBees, Jenkins, Buddy, UrbanCode, etc.
• Develop automation solutions using Python, Java, or PowerShell.
• Work with APIs, endpoints, and databases to develop integrated security solutions.
• Use IDEs such as Visual Studio, Visual Studio Code, Eclipse for secure development and debugging.
• Implement and manage GitHub Advanced Security features including code scanning, secret scanning, and Dependabot alerts.
• Apply extensive experience working with DevOps tools such as GitHub, including workflows, actions, and advanced workflow automation.
• Understand and remediate security vulnerabilities across multiple programming languages.
• Work with Azure Resource Manager (ARM) and scripting tools including PowerShell, Azure CLI, JavaScript, Shell scripts, Python, or similar.
• Collaborate within an Agile team environment using Azure DevOps.
• Familiarity with OWASP Dependency-Check and similar tools to manage third-party risks

Required Qualifications

• Minimum 3 years of experience in application security or software engineering with a security focus.
• Strong programming skills in one or more languages (e.g., Python, Java, JavaScript, C#).
• At least 3 years of experience developing automation solutions using Python, Java, or PowerShell.

Preferred Qualifications

• Hands-on experience with SAST and DAST tools (e.g., Veracode, GitHub)
• Deep understanding of security vulnerabilities in multiple programming languages (e.g., Python, Java, JavaScript, C#).
• Solid understanding of OWASP Top 10 and familiarity with SANS Top 25 vulnerabilities.
• Experience with AI security concepts and mitigation strategies.
• CompTIA Security+ certification or equivalent.
• Experience with cloud-native security (AWS, Azure, Google Cloud Platform).
• Experience developing solutions that combine data from APIs, endpoints, and databases.
• Outstanding communication and strong analytical skills.
• Ability to function effectively in a globally diverse work environment.
• Clearly communicates risks, solutions, and security posture to technical and non-technical stakeholders.
• Experience with GenAI risk mitigation (e.g., prompt injection, data leakage).
• Knowledge of container security and infrastructure-as-code scanning.
• Certifications such as CISSP, OSCP, or GIAC are a plus.

Job Tags

Similar Jobs