Application Security Engineer (Cybersecurity)

TL;DR

Application Security Engineer (Cybersecurity): Securing internally developed software and client data with an accent on vulnerability assessments and threat modeling. Focus on integrating security controls into the SDLC, conducting SAST/DAST, and automating security testing within CI/CD pipelines.

Location: Remote (US)

Salary: $98,900 – $134,500

Company

hirify.global provides secure software solutions and is committed to a security-by-design approach to protect its customers' data.

What you will do

• Perform automated and manual vulnerability assessments using industry-standard tools across applications and cloud infrastructure.
• Coordinate third-party security assessments and translate technical results into business-impact risk assessments.
• Participate in threat modeling and conduct static and dynamic application security testing (SAST/DAST).
• Design, deploy, and support application security tooling and automate vulnerability management processes.
• Partner with developers to promote secure coding practices and integrate security controls into CI/CD pipelines.
• Serve as a subject matter expert for security reviews and participate in the internal CSIRT on-call rotation.

Requirements

• Bachelor’s degree and 2–4 years of related professional experience.
• Experience with security testing tools such as Burp Suite, Kali Linux, Metasploit, and WebInspect.
• Strong understanding of OWASP Top 10, SANS, and threat modeling methodologies.
• Proficiency in programming or scripting languages like Python, C#, Java, or PowerShell.
• Hands-on experience securing cloud-based applications in AWS, Azure, or GCP.
• Must be based in the United States.

Culture & Benefits

• Full remote work flexibility within the US.
• Opportunity to work in a high-impact technical role focusing on adversarial mindsets and emerging threats.
• Collaborative environment working across development, engineering, and product teams.