Job Description
We are seeking a Senior Application Security Engineer to help design and implement security controls that safeguard our clients’ software applications. In this role, you’ll apply your deep knowledge of secure coding practices and application security tools to develop and enforce security policies, procedures, and controls that defend against evolving cyber threats. You’ll work closely with cross-functional teams to ensure our applications adhere to the highest security and compliance standards while fostering a culture of secure software development.
Key Responsibilities:
•Partner with IT leadership to support the vision, strategy, and governance of the Application Security program, ensuring alignment with organizational goals.
•Collaborate with development teams to define, document, and integrate security requirements into the software development lifecycle (SDLC), including the use of Software Composition Analysis (SCA), Software Bill of Materials (SBOM), and dependency management.
•Automate continuous security assessments for web and mobile applications, manage tool integrations, and drive remediation efforts for identified vulnerabilities.
•Build metrics-driven dashboards and reports that communicate current risk exposure to leadership, track security improvements, and highlight remediation progress and trends.
•Perform in-depth software, code, design, and architecture reviews to identify and mitigate risks, enforce secure coding practices, and influence architectural decisions.
•Lead threat modeling and risk analysis for both client- and server-side applications, delivering actionable insights to development teams and security leadership.
•Develop and deliver tailored application security training and awareness programs to promote secure coding and reduce vulnerabilities in production.
•Govern the application security exception process, ensuring all deviations from policy are risk-assessed, documented, and approved appropriately.
•Advocate for secure-by-design principles across teams and contribute to the creation of reusable security components for consistent implementation.
Job Requirements:
•Bachelor’s degree in Computer Science, Information Security, or a related discipline.
•Minimum 5 years of experience in software development or software design, with practical coding experience in languages such as .NET, C#, Java, JavaScript, or Python.
•At least 3 years of progressive experience in application security, with demonstrated leadership in secure development practices.
•CISSP or CSSLP certification is preferred.
•Strong background in securing cloud-based technologies and APIs.
•Proven ability to interpret vulnerability findings and translate them into prioritized action plans for development teams based on risk.
•Hands-on experience with security assessment tools (e.g., SAST, DAST, SCA, fuzz testing), with a clear understanding of their capabilities and limitations.
•Strong knowledge of OWASP Top 10, CWE Top 25, and data protection standards.
•Strong interpersonal and stakeholder engagement skills, including experience working with senior leadership.
Cyber Security, Java, Software Engineering, Veracode, Application Security
Full-time