Plus
Включить Plus
Назад
Company hidden
6 дней назад

Lead Application Security Engineer (Java, Angular)

Формат работы
hybrid
Тип работы
fulltime
Грейд
lead
Английский
b2
Страна
US
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Lead Application Security Engineer (Java/Angular): Leading the design and security of enterprise applications with an accent on secure coding practices, vulnerability remediation, and hands-on development. Focus on bridging the gap between security and engineering by implementing robust API controls, mentoring teams, and integrating AI-assisted security workflows.

Location: Must be based in Scottsdale, AZ. The role is hybrid (4 days in-office, 1 day remote) after an initial training period.

Company

Insurance industry organization focused on secure software development and engineering excellence.

What you will do

  • Embed application security expertise into the engineering organization by identifying and remediating vulnerabilities.
  • Lead the design, development, and delivery of scalable applications using Java and Angular.
  • Conduct SAST, DAST, and SCA assessments using Veracode and guide developers on secure coding.
  • Implement and maintain REST API security controls, including authentication and authorization.
  • Evaluate AI-generated code and leverage AI-assisted security tools to accelerate workflows.
  • Mentor development teams and establish security policies aligned with OWASP standards.

Requirements

  • Must be based in or able to commute to Scottsdale, AZ.
  • 5+ years of hands-on application security engineering experience.
  • 7+ years of software development experience with Java and Angular/AngularJS.
  • 3+ years of experience in a technical leadership or lead engineering capacity.
  • Strong understanding of OWASP Top 10 and enterprise security scanning platforms.
  • Proficiency in Java, Spring Boot, REST services, and modern JavaScript/TypeScript frameworks.

Nice to have

  • Security certifications such as CSSLP, CEH, or GWAPT.
  • Experience with AWS, GCP, or AI-assisted development tools like GitHub Copilot.
  • Knowledge of Drupal, Rancher, or advanced security testing tools like Burp Suite.

Culture & Benefits

  • Opportunity to influence architecture and security strategy at a leadership level.
  • Focus on balancing strong security with performance and delivery speed.
  • Collaborative environment fostering accountability and continuous improvement.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →