Sr. Application Security Engineer

CentralReach is a leading provider of autism and IDD care software for Applied Behavior Analysis (ABA) and related therapies. They are seeking an experienced Application Security Engineer to drive secure development practices across their product ecosystem, partnering closely with application development teams to integrate security into every stage of the SDLC.

Responsibilities:

• Act as the security representative for all SSDLC activities, partnering with development teams to embed security early and continuously
• Conduct architecture reviews, threat modeling, and security design consultations for new applications, services, and features
• Review pull requests (PRs) for security concerns and support secure code review processes, particularly in .NET-based applications
• Integrate and maintain automated security checks within CI/CD pipelines
• Apply best practices aligned with OWASP, CIS, and other industry benchmarks, ensuring robust protection for traditional and AI-driven systems
• Enhance application and infrastructure security in containerized environments, including Kubernetes and AWS EKS
• Collaborate with developers and architects to identify, assess, and remediate vulnerabilities efficiently

Requirements:

• Strong understanding of application security principles, secure coding, and threat modeling
• Familiarity with Kubernetes/EKS and cloud-native architectures
• Extensive experience working alongside and partnering with software engineers to build systems that are secure by design
• Excellent communication and collaboration skills with a proactive, partnership-oriented mindset
• Experience integrating security into CI/CD workflows (Jenkins preferred)
• Working knowledge of C#, ASP.NET, and React is strongly preferred; an understanding of Python will also serve you well in this role