CrawlJobs Logo
Robert Half Logo Robert Half · IT - Software Development

Application Security Engineer

United States, Reading · Job Posted June 04, 2026
Apply Position
Job Link Share

Job Description

We are looking for an Application Security Engineer to strengthen secure software delivery and partner closely with engineering teams in Reading, Pennsylvania. This role focuses on embedding security throughout the software lifecycle, from architecture and development through deployment and ongoing operations. The ideal candidate brings deep application security expertise, a collaborative mindset, and the ability to translate security requirements into practical engineering guidance.

Job Responsibility

  • Partner with software engineering and cybersecurity teams to build security into application design, coding practices, release processes, and production support
  • Perform in-depth security evaluations through code analysis, threat modeling, penetration testing, and vulnerability assessments to uncover and prioritize risk
  • Establish and uphold secure development standards, reusable patterns, and technical guidance that improve consistency across teams
  • Administer and enhance security controls within CI/CD workflows, including code scanning, infrastructure-as-code checks, and container security tooling
  • Contribute to architecture assessments for cloud-based systems, microservices, and containerized applications to ensure resilient and secure designs
  • Evaluate application risks and support formal security reviews to guide mitigation planning and informed technical decisions
  • Verify that application security activities align with applicable compliance obligations and recognized industry frameworks
  • Create and deliver training sessions that help developers strengthen secure coding habits and increase security awareness
  • Track emerging attack techniques and threat intelligence, then apply those insights to improve preventive and detective controls
  • Support the monitoring, investigation, and remediation of application security issues, while coordinating effectively with external vendors and consultants as needed

Requirements

  • Bachelor's degree in Computer Science, Information Systems, Cybersecurity, or another related technical discipline
  • At least 5 years of experience in information security, including 3 or more years dedicated to application security, secure software engineering, or DevSecOps
  • Proven success helping build, strengthen, or scale an application security program in a lead or highly influential capacity
  • Strong understanding of common application security risks, secure SDLC practices, and widely recognized vulnerability frameworks and standards
  • Hands-on experience with application security testing platforms such as Burp Suite, Fortify, Checkmarx, Veracode, or similar tools
  • Working knowledge of threat modeling, penetration testing, secure architecture review, and modern software security assessment techniques
  • Practical experience securing cloud environments such as AWS or Azure, along with familiarity with Kubernetes, container hardening, and runtime protection
  • Active passport required, with willingness and ability to travel internationally

What we offer

  • Medical, vision, dental, and life and disability insurance
  • Eligibility to enroll in company 401(k) plan
Robert Half - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Application Security Engineer

8 matching positions

Application Security Engineer

In the HPE Hybrid Cloud, we lead the innovation agenda and technology roadmap fo...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • 5+ years of experience in application security, including hands-on experience with security testing tools and techniques
  • Strong understanding of web application security concepts, including OWASP Top 10 vulnerabilities and secure coding practices
  • Experience with security testing tools such as Burp Suite, OWASP ZAP, and code analysis tools like SonarQube or Checkmarx, Snyk
  • Proficiency in at least one programming language (e.g., Java, Python, JavaScript) and ability to review and understand code
  • Familiarity with software development methodologies (e.g., Agile, DevOps) and their impact on security practices
  • Excellent analytical and problem-solving skills, with attention to detail
  • Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams
  • Certifications such as CISSP, CEH, or CASE (Java), or equivalent
  • Demonstrated ability to work independently and prioritize tasks in a fast-paced environment
Job Responsibility
Job Responsibility
  • Conduct thorough security assessments of applications, identifying vulnerabilities and weaknesses in code, architecture, and configurations
  • Collaborate closely with development teams to integrate security best practices into the software development lifecycle (SDLC) and ensure secure coding standards are followed
  • Perform regular security testing, including static code analysis, dynamic application scanning, and penetration testing, to identify and mitigate security risks
  • Analyze security incidents and provide timely response and remediation actions to mitigate potential threats
  • Develop and maintain security documentation, including security requirements, design documents, and security testing reports
  • Assist in the design and implementation of security controls and mechanisms to protect sensitive data and critical systems
  • Stay up-to-date with emerging security threats and industry best practices, and recommend security enhancements and controls accordingly
  • Provide security guidance and support to cross-functional teams, including developers, architects, and project managers
  • Participate in security reviews and audits, ensuring compliance with security policies, standards, and regulatory requirements
  • Collaborate with third-party vendors and partners to assess the security posture of integrated systems and applications
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

This role involves embedding security into software delivery pipelines, designin...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–8+ years of experience in Application Security, Product Security, or Secure Software Development
  • hands-on experience securing software delivery pipelines (CI/CD) and source code repositories (GitHub, GitLab, Jenkins)
  • knowledge of supply chain security frameworks and controls (e.g., SLSA, NIST SSDF)
  • familiarity with secrets management, artifact signing (Sigstore, Cosign), and build integrity practices
  • hands-on experience with WAF tuning, API security controls, and vulnerability remediation
  • proficiency with one or more programming languages (Python, Java, Go, JavaScript/Node.js)
  • experience with SAST, DAST, SCA, and container image scanning tools
  • cloud security experience with AWS, Azure, or GCP
  • deep understanding of OWASP Top 10 (Web + API), CWE, and secure coding practices
Job Responsibility
Job Responsibility
  • secure SDLC & DevSecOps integration
  • design and implement security controls for build and release pipelines (GitHub Actions, Jenkins, GitLab, Azure DevOps)
  • ensure code integrity via signing, artifact scanning, and build provenance
  • automate SAST, DAST, SCA, and container image scanning as part of the software delivery pipeline
  • identify and remediate misconfigurations in pipeline environments and access control
  • design, implement, and monitor WAF rules and API protections
  • perform API risk assessments
  • champion secure design patterns
  • conduct secure code reviews and support automation of testing pipelines
  • triage, prioritize, and track security issues identified in code, pipelines, and deployed environments
What we offer
What we offer
  • comprehensive suite of benefits that supports physical, financial and emotional wellbeing
  • programs catered to helping you reach career goals
  • inclusive work environment
  • Fulltime
Read More
Arrow Right

Application Security Engineer / Analyst

Core Responsibilities: Perform Web Application and API Security testing aligned ...
Location
Location
India , Chennai, Bangalore
Salary
Salary:
Not provided
ambconline.com Logo
AMBC
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Perform Web Application and API Security testing aligned with OWASP Top 10 using tools such as Burp Suite, Postman, and Tenable Nessus
  • Conduct Secure Code Reviews (manual and SAST-based) to identify vulnerabilities in source code and recommend remediation steps
  • Integrate and validate security controls within CI/CD pipelines for continuous testing and compliance
  • Assess application, microservice, and infrastructure security gaps, and support teams with remediation planning
  • Define and review hardening standards, TLS configurations, and integration security controls
  • Collaborate with developers, architects, and DevOps teams to embed “Shift Left” security practices during SDLC stages
  • Document findings, prepare detailed security assessment reports, and assist in mitigation validation
  • Stay updated with emerging threats, vulnerabilities, and security best practices to strengthen product security posture
  • Work Experience 3 to 6 years
Job Responsibility
Job Responsibility
  • Perform Web Application and API Security testing aligned with OWASP Top 10 using tools such as Burp Suite, Postman, and Tenable Nessus
  • Conduct Secure Code Reviews (manual and SAST-based) to identify vulnerabilities in source code and recommend remediation steps
  • Integrate and validate security controls within CI/CD pipelines for continuous testing and compliance
  • Assess application, microservice, and infrastructure security gaps, and support teams with remediation planning
  • Define and review hardening standards, TLS configurations, and integration security controls
  • Collaborate with developers, architects, and DevOps teams to embed “Shift Left” security practices during SDLC stages
  • Document findings, prepare detailed security assessment reports, and assist in mitigation validation
  • Stay updated with emerging threats, vulnerabilities, and security best practices to strengthen product security posture
Read More
Arrow Right

Application Security Engineer

Checkmarx, a leader in the application security testing market, actively seeks t...
Location
Location
India , Pune
Salary
Salary:
Not provided
checkmarx.com Logo
Checkmarx
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in computer science or another highly technical scientific discipline
  • +3 years experience in development using one or more high-level programming languages like Java, .Net, Javascript, Go, Python, etc.
  • +3 years experience in security-focused code review covering some market standards AppSec Frameworks like OWASP Web/API/Mobile Top 10, PCI- DSS, etc.
  • A proactive approach to spotting problems, areas for improvement, and performance bottlenecks
  • Strong technical aptitude - being able to pick up technical concepts rapidly is required
  • Highly motivated self-starter
  • Fluent in English (++ for other languages)
Job Responsibility
Job Responsibility
  • Support some of our strategic/top-tier customers in conducting security-focused code reviews using the Checkmarx Platform
  • Support customer's AppSec and Dev Teams with mitigation advice for identified vulnerabilities
  • Create proof-of-concept based on identified vector attacks
  • Conduct security-focused statical code analysis on top of a broad range of development languages and open-source libraries
  • Support customer AppSec/Dev teams with mitigation strategy/advice for identified vulnerabilities
  • When required, create proofs-of-concept that can illustrate a given vulnerability exploitability
  • When needed, support AppSec/Dev teams in analyzing applications
What we offer
What we offer
  • Great work environment
  • professional development
  • challenging careers
  • competitive compensation
  • great work-life balance
  • great benefits and perks throughout the year
  • Fulltime
Read More
Arrow Right

Staff Application Security Engineer

As a Staff Application Security Engineer at Culture Amp, you will play a pivotal...
Location
Location
Australia , Melbourne; Sydney
Salary
Salary:
Not provided
cultureamp.com Logo
Culture Amp
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in application security engineering, with a proven track record of leading security initiatives in SaaS or cloud-native environments
  • Deep technical expertise in secure software development, secure coding practices, and common security frameworks (e.g., OWASP Top 10, NIST, PCI, SOC 2)
  • Proficiency in multiple programming languages (e.g., Ruby, Python, JavaScript, Go) and experience with modern web application architectures and cloud platforms (e.g. AWS)
  • Strong knowledge of security automation, CI/CD integration, and DevSecOps practices
  • Experience designing and implementing security tools, frameworks, and processes that scale with developer velocity
  • Demonstrated ability to lead and influence cross-functional teams, drive change, and deliver results in ambiguous or complex environments
  • Excellent communication skills, with the ability to explain complex security concepts to technical and non-technical audiences
  • Experience mentoring and developing engineers, and a passion for building a culture of security and continuous improvement
  • Familiarity with security-related compliance requirements and standards relevant to SaaS businesses
Job Responsibility
Job Responsibility
  • Lead and drive the most complex and high-impact application security reviews, threat modeling, and risk assessments across our product portfolio, providing expert guidance and direction for other team members
  • Collaborate with engineering, product, and platform teams to embed security into the SDLC, including secure design, code review, and automated security testing (DevSecOps)
  • Develop and scale security automation, tools, and centralized libraries that enable developers to build secure applications efficiently and at scale
  • Proactively identify, assess, and address security risks and vulnerabilities in our SaaS environment, including cloud-native and microservices architectures
  • Own and evolve our vulnerability management programs, ensuring timely triage, remediation, and communication of security issues
  • Mentor and support engineers across the organization, fostering a culture of security awareness, knowledge sharing, and continuous learning
  • Influence and drive cross-functional security initiatives, partnering with compliance, privacy, and infrastructure teams to meet regulatory and customer requirements (e.g., SOC 2, ISO 27001, OWASP)
  • Stay current with the latest security threats, technologies, and best practices, and advocate for their adoption within Culture Amp
  • Represent Culture Amp’s security expertise internally and externally, including supporting customer security reviews and contributing to the broader security community
What we offer
What we offer
  • Employee Share Options Program
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support
  • Monthly Camper Life Allowance
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses
  • Extended year-end breaks
  • Excellent parental leave and in work support program available from day 1
  • 5 Social Impact Days a year
  • MacBooks for you to do your best & a work from home office budget
Read More
Arrow Right

Staff Application Security Engineer

As a Staff Application Security Engineer at Culture Amp, you will play a pivotal...
Location
Location
Australia , Sydney
Salary
Salary:
Not provided
cultureamp.com Logo
Culture Amp
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in application security engineering, with a proven track record of leading security initiatives in SaaS or cloud-native environments
  • Deep technical expertise in secure software development, secure coding practices, and common security frameworks (e.g., OWASP Top 10, NIST, PCI, SOC 2)
  • Proficiency in multiple programming languages (e.g., Ruby, Python, JavaScript, Go) and experience with modern web application architectures and cloud platforms (e.g. AWS)
  • Strong knowledge of security automation, CI/CD integration, and DevSecOps practices
  • Experience designing and implementing security tools, frameworks, and processes that scale with developer velocity
  • Demonstrated ability to lead and influence cross-functional teams, drive change, and deliver results in ambiguous or complex environments
  • Excellent communication skills, with the ability to explain complex security concepts to technical and non-technical audiences
  • Experience mentoring and developing engineers, and a passion for building a culture of security and continuous improvement
  • Familiarity with security-related compliance requirements and standards relevant to SaaS businesses
Job Responsibility
Job Responsibility
  • Lead and drive the most complex and high-impact application security reviews, threat modeling, and risk assessments across our product portfolio, providing expert guidance and direction for other team members
  • Collaborate with engineering, product, and platform teams to embed security into the SDLC, including secure design, code review, and automated security testing (DevSecOps)
  • Develop and scale security automation, tools, and centralized libraries that enable developers to build secure applications efficiently and at scale
  • Proactively identify, assess, and address security risks and vulnerabilities in our SaaS environment, including cloud-native and microservices architectures
  • Own and evolve our vulnerability management programs, ensuring timely triage, remediation, and communication of security issues
  • Mentor and support engineers across the organization, fostering a culture of security awareness, knowledge sharing, and continuous learning
  • Influence and drive cross-functional security initiatives, partnering with compliance, privacy, and infrastructure teams to meet regulatory and customer requirements (e.g., SOC 2, ISO 27001, OWASP)
  • Stay current with the latest security threats, technologies, and best practices, and advocate for their adoption within Culture Amp
  • Represent Culture Amp’s security expertise internally and externally, including supporting customer security reviews and contributing to the broader security community
What we offer
What we offer
  • Employee Share Options Program
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support
  • Monthly Camper Life Allowance
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses
  • Extended year-end breaks
  • Excellent parental leave and in work support program available from day 1
  • 5 Social Impact Days a year
  • MacBooks for you to do your best & a work from home office budget
  • Fulltime
Read More
Arrow Right

Senior Frontend Engineer (Application Security)

At Easygo, our DevSecOps team is at the heart of our engineering, security and o...
Location
Location
Australia , Melbourne
Salary
Salary:
Not provided
easygo.io Logo
Easygo Gaming
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's/Master's degree in Computer Science or equivalent practical experience
  • 7+ years of hands-on experience in software engineering, with a primary focus on security engineering
  • Strong understanding of code architecture and design principles
  • Excellent problem-solving skills and the ability to thrive in a fast-paced, dynamic environment
  • Strong communication skills for effective collaboration with teams and stakeholders
  • Analytical mindset to address complex technical challenges and devise innovative solutions
  • Positive attitude and eagerness to learn new technologies to grow as a security engineer
Job Responsibility
Job Responsibility
  • Lead by example, and drive the adoption of secure software development lifecycle (SSDLC) practices. This includes performing threat modelling, providing secure coding guidance to development teams, and embedding security requirements early in the design phase
  • Own, improve, execute and manage various security tests, including SAST, DAST, and SCA, to identify vulnerabilities. Analyse test results and prioritise findings. Fix what you find, and work with developers to ensure timely remediation
  • Implement and maintain automated security controls within the CI/CD pipeline. This involves integrating security tools to enable continuous security testing and monitoring, making security an integral part of the DevSecOps process
  • Deploy and configure Web Application Firewalls (WAFs) and Runtime Application Self-Protection (RASP) solutions to protect from real-time attacks. Respond to urgent application security incidents as needed
  • Take ownership of the platform vulnerability management program. This involves tracking, prioritising, and remediation of security flaws found in applications, ensuring all vulnerabilities are addressed and verified
  • Actively engage in hands-on coding, testing, debugging, and troubleshooting to ensure code quality, scalability, and maintainability
  • Write efficient, scalable, and maintainable code, adhering to coding standards and best practices
  • Innovate within the team by pushing for improvements and driving constructive changes to enhance team performance and efficiency
  • Analyse complex problems and provide effective solutions, contributing to team goals and initiatives
  • Lead and independently complete medium-sized projects or initiatives from start to finish
What we offer
What we offer
  • Access to over 9,000 courses across our Learning and Development Platform
  • EAP access for you and your family
  • Be rewarded with lucrative annual bonuses
  • Give back with a paid volunteer day
  • Fuel your day with daily breakfast and open pantries brimming with unlimited snacks and refreshments, all on the house
  • Break up the week with on site remedial massage Wednesdays
  • In house full-time barista’s providing you your daily coffee needs
  • Weekly team lunches and happy hour in the office from 4pm on Fridays
  • Enjoy a bustling office with the option for up to 2 days work from home per week
  • Fun office environment with pool tables, table tennis and all your favourite gaming consoles
  • Fulltime
Read More
Arrow Right

Security Engineer, Application Security

Figure is an AI Robotics company developing a general purpose humanoid. Our huma...
Location
Location
United States , San Jose
Salary
Salary:
150000.00 - 350000.00 USD / Year
figure.ai Logo
Figure
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Experience in several of the following application security domains: penetration testing, vulnerability research, security assessment, secure coding practices, security architecture & design, hardware security
  • Strong software engineering (not scripting or automation) skills in C/C++, Rust, Golang, Python or similar
  • Experience with securing embedded systems, including secure boot, secure identity, OTA, or others
  • Solid foundation in web security, mobile security, or cryptography
  • Ability to collaborate with internal and external stakeholders whilst prioritizing tasks and work independently under minimal supervision.
  • BS in Computer Science, Engineering, Information Systems, or equivalent years of experience in a related technical field
  • 3+ years of experience in the field of application security or related security role
  • Passion for learning and helping others
  • Excellent verbal and written communication skills, with high attention to detail
Job Responsibility
Job Responsibility
  • Conduct security assessments of applications, embedded systems, back-end services, and business integrations, as well as build tooling for a secure development lifecycle
  • Design technical solutions to mitigate security weaknesses on the robot and our service stack. Work with teams across the company to implement them.
  • Build frameworks and systems to prevent classes of vulnerabilities
  • Hunt for vulnerabilities and insecure coding patterns on our product stack (backend services and robot internal systems)
  • Be a champion for security and user privacy
  • Fulltime
Read More
Arrow Right