Application Security Engineer

TL;DR

Application Security Engineer: Performing security assessments and vulnerability management for a financial firm with an accent on application security testing and threat modeling. Focus on driving secure coding practices, collaborating with development teams to remediate vulnerabilities, and integrating security standards into the SDLC.

Location: Must be based in or able to commute to New York, NY or Iselin, NJ

Compensation: $150,000–$200,000

Company

hirify.global is a staffing and recruiting firm serving various industries including financial services.

What you will do

• Perform DAST and SCA scans on applications and APIs to detect vulnerabilities.
• Collaborate with development teams to triage and remediate security findings.
• Drive threat modeling processes for critical applications to identify and mitigate risks.
• Lead the Security Champions program and advocate for secure coding standards.
• Conduct security reviews for new features and project requirements.
• Support the selection and implementation of new application security tools.

Requirements

• Proven experience in application security testing and vulnerability management.
• Strong understanding of OWASP Top 10 vulnerabilities and mitigation strategies.
• Hands-on experience with threat modeling methodologies.
• Proficiency in Java, Python, or JavaScript.
• Excellent communication skills for cross-functional collaboration.
• Degree in Computer Science, Cybersecurity, or a related technology discipline.

Nice to have

• Relevant professional certifications such as CISSP, CEH, or CSSLP.