Senior Applications Security Engineer
Omaha, Florida, United States of America
Full Time
3 hours ago
No Visa Sponsorship
Key skills
CloudAICI/CDLeadershipMentoringCommunicationDecision MakingOWASP
About this role
Role Overview
- Own and operate application security tooling, including SAST, DAST, and software composition analysis, ensuring tools are tuned, effective, and aligned to business risk
- Embed application security into CI/CD pipelines and development workflows to support shift‑left security while minimizing developer friction
- Perform secure code reviews and validate vulnerabilities for exploitability, impact, and remediation feasibility
- Define and maintain secure coding standards, guidance, and reusable security patterns for development teams
- Establish guardrails and review expectations for AI‑assisted and AI‑generated code, reducing unowned and unmanaged application risk
- Partner with development teams to triage findings, reduce false positives, and drive effective remediation
- Apply risk‑based decision making aligned to organizational risk appetite and compliance frameworks (NIST, HIPAA, SOC 2)
- Support application threat modeling and identification of architectural security gaps
- Collaborate with cloud, platform, and identity teams to ensure applications integrate securely with enterprise services
- Contribute to audit readiness, evidence collection, and regulatory support related to application security controls
- Reduce single‑points‑of‑failure by documenting processes, mentoring others, and improving program resiliency
Requirements
- Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience)
- 6 years of experience in application security, secure software development, or DevSecOps
- Hands-on experience with SAST, DAST, and dependency scanning tools, including tuning and operational ownership
- Strong understanding of application vulnerability classes (OWASP Top 10, APIs, authentication, authorization)
- Experience integrating security into CI/CD pipelines and development workflows
- Proven ability to assess risk, prioritize remediation, and clearly communicate decisions
- Comfort working independently, taking ownership, and driving outcomes with minimal oversight
- Strong communication skills with the ability to work effectively with developers, architects, and leadership
- An equivalent combination of education and experience may be substituted for this requirement
- The ability to meet or exceed the attendance and timeliness requirements of their departments
- On-call work may be required based on business needs and role assignment
- The ability to work well in a team environment and be capable of building and maintaining positive relationships with other staff, departments, and customers
Tech Stack
- Cloud
Benefits
- Remote flexibility for candidates in FL, IA, KS, MN, MO, NE, ND, or TX
- 1 day per week in the office