CrawlJobs Logo

Application Security Engineer

scitec.com Logo

SciTec

Location Icon

Location:
United States , Boulder

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

96000.00 - 146000.00 USD / Year
Save Job
Save Icon
Apply Position

Job Description:

SciTec has an immediate opportunity for a talented engineer to support our programs delivering Next-Generation Missile Warning software. This is a unique opportunity to join a business delivering core capabilities for National defense. You will work within a fast-paced team delivering end-to-end software processing of Overhead Persistent InfraRed (OPIR) sensor data for Missile Warning, Missile Defense, Battlespace Awareness, and Technical Intelligence. We are seeking an Application Security Engineer to help secure mission-critical software systems by identifying, analyzing, and mitigating application-level vulnerabilities. This role focuses on hands-on security analysis, tooling integration, and working directly with software engineers to embed security into the development lifecycle. The ideal candidate combines strong technical security skills with the ability to collaborate effectively with developers in a DevSecOps environment.

Job Responsibility:

  • Perform application security analysis using both automated and manual techniques, including: Static code analysis (SAST)
  • Software composition analysis (SCA)
  • Fuzzing
  • Manual code and design reviews
  • Identify, analyze, and help remediate application vulnerabilities
  • Support software engineers in integrating security considerations into system and application designs
  • Integrate and maintain application security tooling within CI/CD and DevSecOps pipelines
  • Design, implement, and improve continuous integration security analysis tooling
  • Tune and maintain security tools to reduce false positives and improve signal quality
  • Assist development teams in understanding findings and implementing effective fixes
  • Support threat modeling and secure design reviews
  • Stay current with emerging vulnerabilities, attack techniques, and mitigation strategies
  • Document findings, recommendations, and best practices
  • Perform other duties as assigned

Requirements:

  • Bachelor’s degree plus 2+ years of professional experience in cybersecurity or software development, or equivalent experience
  • 2+ years of experience focused on application/software security
  • Experience analyzing source code for security flaws
  • Familiarity with secure software development practices
  • Strong analytical, problem-solving, and communication skills
  • Detail-oriented with strong written and verbal communication abilities
  • Ability to qualify for and maintain a DoD or DoE Secret security clearance
  • Ability to meet DoD 8140.01 Cyberspace Workforce Management requirements within six months of hire
  • Good verbal and written communication skills
  • Attention to detail

Nice to have:

  • Active DoD Secret clearance or higher
  • Experience identifying, exploiting, and remediating application vulnerabilities
  • Credit for published CVEs is a strong plus
  • Proficiency in one or more programming languages such as C++, Python, JavaScript, Rust
  • Experience configuring and operating static analysis tools (e.g., Coverity, Klocwork, SonarQube)
  • Experience configuring and operating software composition analysis tools (e.g., Snyk, Sonatype, Anchore, JFrog Xray)
  • Experience with fuzzing frameworks (AFL, AFL++, honggfuzz, or similar)
  • Experience with debugging, runtime instrumentation, or reverse engineering, including tools such as: strace
  • eBPF
  • Ghidra or IDA Pro
  • Familiarity with threat modeling methodologies and frameworks such as MITRE ATT&CK
  • Experience working in DevSecOps or Agile development environments
What we offer:
  • 4% Safe Harbor 401(k) match
  • 100% company paid HSA Medical insurance, with a choice of 2 buy-up options
  • 80% company paid Dental insurance
  • 100% company paid Vision insurance
  • 100% company paid Life insurance
  • 100% company paid Long-term Disability insurance
  • 100% company paid Hospital Indemnity insurance
  • Voluntary Accident and Critical Illness insurance
  • Short-term Disability insurance
  • Annual Profit-Sharing Plan
  • Discretionary Performance Bonus
  • Paid Parental Leave
  • Generous Paid Time Off, including Holiday, Vacation, and Sick Pay
  • Flexible Work Hours

Additional Information:

Job Posted:
February 14, 2026

Employment Type:
Fulltime
Work Type:
On-site work
Icon
SciTec - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Application Security Engineer

Application Security Engineer

This role is for a senior engineer with hands-on experience in building applicat...
Location
Location
Israel , Tel Aviv
Salary
Salary:
Not provided
https://www.citi.com/ Logo
Citi
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Expertise of cloud engineering and application security, demonstrated by previous roles in the domain and industry certification
  • good understanding of security capabilities supporting application development such as authentication, authorization, credential management, certificate management, encryption for on-prem and cloud
  • understanding of container orchestration technologies
  • hands-on experience developing high-performance solutions following Agile methodologies ideally backend Java experience
  • containers K8s hands on experience understanding the lifecycle of a containers and integration with security boundaries-advantage
  • experience in building end to end solutions for the cloud domain in a secure manner
  • familiarity with GoLang, Node.js UI authentication is an advantage.
Job Responsibility
Job Responsibility
  • Technical engineer working with key stakeholders of cloud engineering and application security experts
  • explore and resolve key application security gaps and drive their resolutions
  • develop modules that resolve identified gaps in a centralized optimized manner such as credential management, authentication, authorization, end-to-end scanning tools
  • act as an advisor and expert lead to various development teams across the company to help them improve their expertise within cloud engineering and application security.
  • Fulltime
Read More
Arrow Right

Application Security Engineer

In the HPE Hybrid Cloud, we lead the innovation agenda and technology roadmap fo...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Information Security, or a related field
  • 5+ years of experience in application security, including hands-on experience with security testing tools and techniques
  • Strong understanding of web application security concepts, including OWASP Top 10 vulnerabilities and secure coding practices
  • Experience with security testing tools such as Burp Suite, OWASP ZAP, and code analysis tools like SonarQube or Checkmarx, Snyk
  • Proficiency in at least one programming language (e.g., Java, Python, JavaScript) and ability to review and understand code
  • Familiarity with software development methodologies (e.g., Agile, DevOps) and their impact on security practices
  • Excellent analytical and problem-solving skills, with attention to detail
  • Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams
  • Certifications such as CISSP, CEH, or CASE (Java), or equivalent
  • Demonstrated ability to work independently and prioritize tasks in a fast-paced environment
Job Responsibility
Job Responsibility
  • Conduct thorough security assessments of applications, identifying vulnerabilities and weaknesses in code, architecture, and configurations
  • Collaborate closely with development teams to integrate security best practices into the software development lifecycle (SDLC) and ensure secure coding standards are followed
  • Perform regular security testing, including static code analysis, dynamic application scanning, and penetration testing, to identify and mitigate security risks
  • Analyze security incidents and provide timely response and remediation actions to mitigate potential threats
  • Develop and maintain security documentation, including security requirements, design documents, and security testing reports
  • Assist in the design and implementation of security controls and mechanisms to protect sensitive data and critical systems
  • Stay up-to-date with emerging security threats and industry best practices, and recommend security enhancements and controls accordingly
  • Provide security guidance and support to cross-functional teams, including developers, architects, and project managers
  • Participate in security reviews and audits, ensuring compliance with security policies, standards, and regulatory requirements
  • Collaborate with third-party vendors and partners to assess the security posture of integrated systems and applications
What we offer
What we offer
  • Health & Wellbeing
  • Personal & Professional Development
  • Unconditional Inclusion
  • Fulltime
Read More
Arrow Right

Senior Application Security Engineer

This role involves embedding security into software delivery pipelines, designin...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
https://www.hpe.com/ Logo
Hewlett Packard Enterprise
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5–8+ years of experience in Application Security, Product Security, or Secure Software Development
  • hands-on experience securing software delivery pipelines (CI/CD) and source code repositories (GitHub, GitLab, Jenkins)
  • knowledge of supply chain security frameworks and controls (e.g., SLSA, NIST SSDF)
  • familiarity with secrets management, artifact signing (Sigstore, Cosign), and build integrity practices
  • hands-on experience with WAF tuning, API security controls, and vulnerability remediation
  • proficiency with one or more programming languages (Python, Java, Go, JavaScript/Node.js)
  • experience with SAST, DAST, SCA, and container image scanning tools
  • cloud security experience with AWS, Azure, or GCP
  • deep understanding of OWASP Top 10 (Web + API), CWE, and secure coding practices
Job Responsibility
Job Responsibility
  • secure SDLC & DevSecOps integration
  • design and implement security controls for build and release pipelines (GitHub Actions, Jenkins, GitLab, Azure DevOps)
  • ensure code integrity via signing, artifact scanning, and build provenance
  • automate SAST, DAST, SCA, and container image scanning as part of the software delivery pipeline
  • identify and remediate misconfigurations in pipeline environments and access control
  • design, implement, and monitor WAF rules and API protections
  • perform API risk assessments
  • champion secure design patterns
  • conduct secure code reviews and support automation of testing pipelines
  • triage, prioritize, and track security issues identified in code, pipelines, and deployed environments
What we offer
What we offer
  • comprehensive suite of benefits that supports physical, financial and emotional wellbeing
  • programs catered to helping you reach career goals
  • inclusive work environment
  • Fulltime
Read More
Arrow Right

Application Security Engineer / Analyst

Core Responsibilities: Perform Web Application and API Security testing aligned ...
Location
Location
India , Chennai, Bangalore
Salary
Salary:
Not provided
ambconline.com Logo
AMBC
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Perform Web Application and API Security testing aligned with OWASP Top 10 using tools such as Burp Suite, Postman, and Tenable Nessus
  • Conduct Secure Code Reviews (manual and SAST-based) to identify vulnerabilities in source code and recommend remediation steps
  • Integrate and validate security controls within CI/CD pipelines for continuous testing and compliance
  • Assess application, microservice, and infrastructure security gaps, and support teams with remediation planning
  • Define and review hardening standards, TLS configurations, and integration security controls
  • Collaborate with developers, architects, and DevOps teams to embed “Shift Left” security practices during SDLC stages
  • Document findings, prepare detailed security assessment reports, and assist in mitigation validation
  • Stay updated with emerging threats, vulnerabilities, and security best practices to strengthen product security posture
  • Work Experience 3 to 6 years
Job Responsibility
Job Responsibility
  • Perform Web Application and API Security testing aligned with OWASP Top 10 using tools such as Burp Suite, Postman, and Tenable Nessus
  • Conduct Secure Code Reviews (manual and SAST-based) to identify vulnerabilities in source code and recommend remediation steps
  • Integrate and validate security controls within CI/CD pipelines for continuous testing and compliance
  • Assess application, microservice, and infrastructure security gaps, and support teams with remediation planning
  • Define and review hardening standards, TLS configurations, and integration security controls
  • Collaborate with developers, architects, and DevOps teams to embed “Shift Left” security practices during SDLC stages
  • Document findings, prepare detailed security assessment reports, and assist in mitigation validation
  • Stay updated with emerging threats, vulnerabilities, and security best practices to strengthen product security posture
Read More
Arrow Right

Application Security Engineer

Checkmarx, a leader in the application security testing market, actively seeks t...
Location
Location
India , Pune
Salary
Salary:
Not provided
checkmarx.com Logo
Checkmarx
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in computer science or another highly technical scientific discipline
  • +3 years experience in development using one or more high-level programming languages like Java, .Net, Javascript, Go, Python, etc.
  • +3 years experience in security-focused code review covering some market standards AppSec Frameworks like OWASP Web/API/Mobile Top 10, PCI- DSS, etc.
  • A proactive approach to spotting problems, areas for improvement, and performance bottlenecks
  • Strong technical aptitude - being able to pick up technical concepts rapidly is required
  • Highly motivated self-starter
  • Fluent in English (++ for other languages)
Job Responsibility
Job Responsibility
  • Support some of our strategic/top-tier customers in conducting security-focused code reviews using the Checkmarx Platform
  • Support customer's AppSec and Dev Teams with mitigation advice for identified vulnerabilities
  • Create proof-of-concept based on identified vector attacks
  • Conduct security-focused statical code analysis on top of a broad range of development languages and open-source libraries
  • Support customer AppSec/Dev teams with mitigation strategy/advice for identified vulnerabilities
  • When required, create proofs-of-concept that can illustrate a given vulnerability exploitability
  • When needed, support AppSec/Dev teams in analyzing applications
What we offer
What we offer
  • Great work environment
  • professional development
  • challenging careers
  • competitive compensation
  • great work-life balance
  • great benefits and perks throughout the year
  • Fulltime
Read More
Arrow Right

Staff Application Security Engineer

As a Staff Application Security Engineer at Culture Amp, you will play a pivotal...
Location
Location
Australia , Melbourne; Sydney
Salary
Salary:
Not provided
cultureamp.com Logo
Culture Amp
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in application security engineering, with a proven track record of leading security initiatives in SaaS or cloud-native environments
  • Deep technical expertise in secure software development, secure coding practices, and common security frameworks (e.g., OWASP Top 10, NIST, PCI, SOC 2)
  • Proficiency in multiple programming languages (e.g., Ruby, Python, JavaScript, Go) and experience with modern web application architectures and cloud platforms (e.g. AWS)
  • Strong knowledge of security automation, CI/CD integration, and DevSecOps practices
  • Experience designing and implementing security tools, frameworks, and processes that scale with developer velocity
  • Demonstrated ability to lead and influence cross-functional teams, drive change, and deliver results in ambiguous or complex environments
  • Excellent communication skills, with the ability to explain complex security concepts to technical and non-technical audiences
  • Experience mentoring and developing engineers, and a passion for building a culture of security and continuous improvement
  • Familiarity with security-related compliance requirements and standards relevant to SaaS businesses
Job Responsibility
Job Responsibility
  • Lead and drive the most complex and high-impact application security reviews, threat modeling, and risk assessments across our product portfolio, providing expert guidance and direction for other team members
  • Collaborate with engineering, product, and platform teams to embed security into the SDLC, including secure design, code review, and automated security testing (DevSecOps)
  • Develop and scale security automation, tools, and centralized libraries that enable developers to build secure applications efficiently and at scale
  • Proactively identify, assess, and address security risks and vulnerabilities in our SaaS environment, including cloud-native and microservices architectures
  • Own and evolve our vulnerability management programs, ensuring timely triage, remediation, and communication of security issues
  • Mentor and support engineers across the organization, fostering a culture of security awareness, knowledge sharing, and continuous learning
  • Influence and drive cross-functional security initiatives, partnering with compliance, privacy, and infrastructure teams to meet regulatory and customer requirements (e.g., SOC 2, ISO 27001, OWASP)
  • Stay current with the latest security threats, technologies, and best practices, and advocate for their adoption within Culture Amp
  • Represent Culture Amp’s security expertise internally and externally, including supporting customer security reviews and contributing to the broader security community
What we offer
What we offer
  • Employee Share Options Program
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support
  • Monthly Camper Life Allowance
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses
  • Extended year-end breaks
  • Excellent parental leave and in work support program available from day 1
  • 5 Social Impact Days a year
  • MacBooks for you to do your best & a work from home office budget
Read More
Arrow Right

Staff Application Security Engineer

As a Staff Application Security Engineer at Culture Amp, you will play a pivotal...
Location
Location
Australia , Sydney
Salary
Salary:
Not provided
cultureamp.com Logo
Culture Amp
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Extensive experience in application security engineering, with a proven track record of leading security initiatives in SaaS or cloud-native environments
  • Deep technical expertise in secure software development, secure coding practices, and common security frameworks (e.g., OWASP Top 10, NIST, PCI, SOC 2)
  • Proficiency in multiple programming languages (e.g., Ruby, Python, JavaScript, Go) and experience with modern web application architectures and cloud platforms (e.g. AWS)
  • Strong knowledge of security automation, CI/CD integration, and DevSecOps practices
  • Experience designing and implementing security tools, frameworks, and processes that scale with developer velocity
  • Demonstrated ability to lead and influence cross-functional teams, drive change, and deliver results in ambiguous or complex environments
  • Excellent communication skills, with the ability to explain complex security concepts to technical and non-technical audiences
  • Experience mentoring and developing engineers, and a passion for building a culture of security and continuous improvement
  • Familiarity with security-related compliance requirements and standards relevant to SaaS businesses
Job Responsibility
Job Responsibility
  • Lead and drive the most complex and high-impact application security reviews, threat modeling, and risk assessments across our product portfolio, providing expert guidance and direction for other team members
  • Collaborate with engineering, product, and platform teams to embed security into the SDLC, including secure design, code review, and automated security testing (DevSecOps)
  • Develop and scale security automation, tools, and centralized libraries that enable developers to build secure applications efficiently and at scale
  • Proactively identify, assess, and address security risks and vulnerabilities in our SaaS environment, including cloud-native and microservices architectures
  • Own and evolve our vulnerability management programs, ensuring timely triage, remediation, and communication of security issues
  • Mentor and support engineers across the organization, fostering a culture of security awareness, knowledge sharing, and continuous learning
  • Influence and drive cross-functional security initiatives, partnering with compliance, privacy, and infrastructure teams to meet regulatory and customer requirements (e.g., SOC 2, ISO 27001, OWASP)
  • Stay current with the latest security threats, technologies, and best practices, and advocate for their adoption within Culture Amp
  • Represent Culture Amp’s security expertise internally and externally, including supporting customer security reviews and contributing to the broader security community
What we offer
What we offer
  • Employee Share Options Program
  • Programs, coaching, and budgets to help you thrive personally and professionally
  • Access to external providers for mental wellbeing and coaching support
  • Monthly Camper Life Allowance
  • Team budgets dedicated to team building activities and connection
  • Intentional quarterly wellbeing pauses
  • Extended year-end breaks
  • Excellent parental leave and in work support program available from day 1
  • 5 Social Impact Days a year
  • MacBooks for you to do your best & a work from home office budget
  • Fulltime
Read More
Arrow Right

Senior Frontend Engineer (Application Security)

At Easygo, our DevSecOps team is at the heart of our engineering, security and o...
Location
Location
Australia , Melbourne
Salary
Salary:
Not provided
easygo.io Logo
Easygo Gaming
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's/Master's degree in Computer Science or equivalent practical experience
  • 7+ years of hands-on experience in software engineering, with a primary focus on security engineering
  • Strong understanding of code architecture and design principles
  • Excellent problem-solving skills and the ability to thrive in a fast-paced, dynamic environment
  • Strong communication skills for effective collaboration with teams and stakeholders
  • Analytical mindset to address complex technical challenges and devise innovative solutions
  • Positive attitude and eagerness to learn new technologies to grow as a security engineer
Job Responsibility
Job Responsibility
  • Lead by example, and drive the adoption of secure software development lifecycle (SSDLC) practices. This includes performing threat modelling, providing secure coding guidance to development teams, and embedding security requirements early in the design phase
  • Own, improve, execute and manage various security tests, including SAST, DAST, and SCA, to identify vulnerabilities. Analyse test results and prioritise findings. Fix what you find, and work with developers to ensure timely remediation
  • Implement and maintain automated security controls within the CI/CD pipeline. This involves integrating security tools to enable continuous security testing and monitoring, making security an integral part of the DevSecOps process
  • Deploy and configure Web Application Firewalls (WAFs) and Runtime Application Self-Protection (RASP) solutions to protect from real-time attacks. Respond to urgent application security incidents as needed
  • Take ownership of the platform vulnerability management program. This involves tracking, prioritising, and remediation of security flaws found in applications, ensuring all vulnerabilities are addressed and verified
  • Actively engage in hands-on coding, testing, debugging, and troubleshooting to ensure code quality, scalability, and maintainability
  • Write efficient, scalable, and maintainable code, adhering to coding standards and best practices
  • Innovate within the team by pushing for improvements and driving constructive changes to enhance team performance and efficiency
  • Analyse complex problems and provide effective solutions, contributing to team goals and initiatives
  • Lead and independently complete medium-sized projects or initiatives from start to finish
What we offer
What we offer
  • Access to over 9,000 courses across our Learning and Development Platform
  • EAP access for you and your family
  • Be rewarded with lucrative annual bonuses
  • Give back with a paid volunteer day
  • Fuel your day with daily breakfast and open pantries brimming with unlimited snacks and refreshments, all on the house
  • Break up the week with on site remedial massage Wednesdays
  • In house full-time barista’s providing you your daily coffee needs
  • Weekly team lunches and happy hour in the office from 4pm on Fridays
  • Enjoy a bustling office with the option for up to 2 days work from home per week
  • Fun office environment with pool tables, table tennis and all your favourite gaming consoles
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy