Company hidden
21 hours ago

Application Security Engineer (SAST/DAST/SCA)

Work format
remote (Latam only)
Employment type
fulltime
Grade
middle
English
b2
Vacancy from Hirify Global, a list of international tech companies

Job description

TL;DR

Application Security Engineer (SAST/DAST/SCA): Identifying, analyzing, and reducing application-layer security risk across the environment, with an emphasis on triage, validation, and prioritization of findings from automated security tools and external researchers. Focus on distinguishing true positives, assessing vulnerability severity, and providing remediation guidance to developers.

Location: Remote - Latin America

Company

hirify.global is the world’s work marketplace, serving startups to Fortune 100 companies with a powerful platform that enables companies and talent to work together.

What you will do

  • Analyze and validate findings from SAST, DAST, and SCA tools, including SonarQube, Veracode, Netsparker, and Chariot.
  • Triage and validate submissions from the bug bounty program, reproducing reported issues using tools such as Burp Suite.
  • Work directly with application and platform engineers to explain findings, provide remediation guidance, and improve security feedback loops.
  • Leverage AI and automation to remove repeatable processes and contribute to improving vulnerability triage processes.
  • Identify recurring vulnerability patterns and recommend preventive controls.

Requirements

  • 3–6 years of experience in application security, product security, or vulnerability management.
  • Strong hands-on experience reviewing and interpreting scan results from SAST, DAST, and SCA tools.
  • Practical understanding of common application vulnerabilities, including OWASP Top 10, injection flaws, authentication issues, and insecure dependencies.
  • Ability to read and reason about application code (e.g., Java, JavaScript, Python, Go) for vulnerability analysis.
  • Experience working with or triaging findings from a bug bounty or responsible disclosure program.
  • Strong written and verbal communication skills, especially when translating security findings for developers.

Culture & Benefits

  • Engagement through hirify.global’s Hybrid Workforce Solutions (HWS) Team, a global group of professionals.
  • Proudly committed to fostering a diverse and inclusive workforce.
  • Never discriminates based on race, religion, color, national origin, gender, or other legally protected characteristics.

Hiring process

  • A criminal background check may be required once a conditional job offer is made.
