Application Security Engineer (Junior/Mid-Level)

Position Summary:  We’re looking for a passionate and motivated Application Security Engineer who is ready to grow into a key role in our security team. You don't need to be an expert in application security yet—but if you have development experience, a strong interest in cybersecurity, and project coordination skills, we want to hear from you.

In this role, you will work closely with developers and security experts to help integrate security practices into our software development process. You’ll support the setup and management of security tools, help track and coordinate the remediation of vulnerabilities, and contribute to building a more secure development environment across the company.

Key Responsibilities:

1. Security Tooling & Integration:

• Help configure, maintain, and support application security tools (e.g., SAST, SCA, secret scanning).
• Assist with integrating security tools into CI/CD pipelines.

1. Vulnerability Management:

• Collect, triage, and track application vulnerabilities reported by scanners or pen testers.
• Collaborate with developers and team leads to ensure timely remediation of findings.
• Help prioritize findings based on risk and business impact.

1. Project Coordination:

• Coordinate security initiatives and projects with development, QA, and DevOps teams.
• Maintain dashboards and status reports for tracking security issues and remediation efforts.

1. Development Support & Guidance:

• Provide development teams with guidance on secure coding practices (training and resources will be provided).
• Review code or pull requests for common security issues when needed (based on experience).

1. Learning & Growth:

• Stay current with trends in application security and participate in continuous learning.
• Grow into risk assessments, threat modeling, and security testing responsibilities over time.

1. Documentation and Reporting:

• Document and communicate risk assessment findings, security requirements, and mitigation strategies.
• Prepare and present reports to stakeholders, summarizing the security posture of new development projects.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• Experience in software development (e.g., C#, .NET).
• Strong interest in cybersecurity, especially secure software development.
• Ability to coordinate across multiple teams and manage technical projects.
• Familiarity with Git, CI/CD tools, and issue tracking systems (e.g., Azure DevOps, JIRA).
• Understanding of how web applications work; basic awareness of OWASP Top 10 is a plus.
• Prior exposure to any security tools (e.g., SonarQube, Semgrep, GitHub Dependabot, etc.) is a bonus but not required.
• Excellent communication and collaboration skills.