BHG Financial

Senior Application Security Engineer

BHG Financial

full-time

Posted on:

Location Type: Remote

Location: Remote • 🇺🇸 United States

Visit company website
AI Apply
Apply

Job Level

Senior

Tech Stack

CloudCyber SecurityDockerFirewallsKubernetesSQL

About the role

  • Lead application vulnerability assessments using SAST, DAST, and SCA tools; validate and triage findings to ensure accuracy and actionable results.
  • Support container and cloud-native security efforts, including scanning container images, assessing container configurations, and advising on secure container orchestration practices.
  • Partner closely with developers and software engineers to prioritize, remediate, and prevent vulnerabilities across applications, dependencies, and codebases.
  • Promote and reinforce secure coding practices through guidance, documentation, and hands-on collaboration.
  • Define and communicate technical security requirements and guidelines for new initiatives, features, and architecture changes.
  • Stay current with emerging security threats, trends, and research; recommend appropriate mitigation strategies and technology improvements.
  • Work with compliance and technical teams to address deficiencies identified during assessments, audits, or regulatory examinations.
  • Assist in generating, tracking, and reporting key metrics for leadership and security governance.
  • Participate in Incident Response activities as needed
  • Participate in the security on-call support rotation as required.

Requirements

  • 3+ years of experience in a technical security or IT role with a strong focus on application security.
  • Hands-on experience with SAST, DAST, and SCA tools
  • Knowledge of container security concepts, including container image scanning, secure image pipelines, and common misconfigurations in containerized environments (Docker, Kubernetes, etc.).
  • Deep understanding of application security principles and secure development practices, including authentication, authorization, session management, input validation, secrets management, and API security.
  • Strong familiarity with common web application vulnerabilities (e.g., XSS, CSRF, SQL injection, SSRF, insecure deserialization) and the ability to explain, validate, and reproduce them.
  • Proven ability to provide actionable remediation guidance to developers and engineering teams, balancing risk with business and technical realities.
  • Experience with vulnerability validation, risk assessment, and prioritization, particularly in complex environments with multiple applications and tech stacks.
  • Working knowledge of broader security technologies and domains such as endpoint security, vulnerability management, network security, SIEM, MFA/IAM/PAM, PKI, security automation, cloud security controls, NAC, encryption, DLP, and firewalls.
  • Ability to maintain strict confidentiality.
  • Excellent writing, organizational, interpersonal and communication skills.
  • Ability to think analytically and a high sense of urgency.
  • Ability to look at all situations objectively and a love for challenging assumptions.
  • Ability to work independently without supervision.
  • Love for collaboration to build stronger teams and more efficient processes.
  • **Desired Skills and Education:**
  • Bachelor’s degree in IT, information security, or a related discipline
  • Cyber security certifications, including but not limited to GPEN, CISSP, OSWE, GWAPT
Benefits
  • Medical/Rx/Dental/Vision coverage for employees and their eligible family members
  • Competitive PTO and vacation policies
  • 1 Friday off each month for Wellness Weekends
  • Company 401(k) plan with employer contributions after one year
  • Company-sponsored training and certification opportunities
  • Quarterly award ceremonies where top achievers are celebrated and receive additional bonuses
  • Ongoing volunteer opportunities to give back to the community through our BHG Cares program

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
SASTDASTSCAcontainer securitysecure coding practicesapplication security principlesvulnerability validationrisk assessmentAPI securityweb application vulnerabilities
Soft skills
analytical thinkinginterpersonal skillscommunication skillsorganizational skillsindependencecollaborationability to provide remediation guidanceability to maintain confidentialityability to balance riskhigh sense of urgency
Certifications
GPENCISSPOSWEGWAPT