FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.
Senior Applications Security Engineer
Blue Cross and Blue Shield of Nebraska. Own and operate application security tooling, including SAST, DAST, and software composition analysis, ensuring tools are tuned, effective, and aligned to business risk .
Posted 5/1/2026full-timeOmaha • Florida, Iowa, Kansas, Minnesota, Montana, New York, North Dakota, Texas • 🇺🇸 United StatesSeniorWebsite
Tech Stack
Tools & technologiesCloud
About the role
Key responsibilities & impact- Own and operate application security tooling, including SAST, DAST, and software composition analysis, ensuring tools are tuned, effective, and aligned to business risk
- Embed application security into CI/CD pipelines and development workflows to support shift‑left security while minimizing developer friction
- Perform secure code reviews and validate vulnerabilities for exploitability, impact, and remediation feasibility
- Define and maintain secure coding standards, guidance, and reusable security patterns for development teams
- Establish guardrails and review expectations for AI‑assisted and AI‑generated code, reducing unowned and unmanaged application risk
- Partner with development teams to triage findings, reduce false positives, and drive effective remediation
- Apply risk‑based decision making aligned to organizational risk appetite and compliance frameworks (NIST, HIPAA, SOC 2)
- Support application threat modeling and identification of architectural security gaps
- Collaborate with cloud, platform, and identity teams to ensure applications integrate securely with enterprise services
- Contribute to audit readiness, evidence collection, and regulatory support related to application security controls
- Reduce single‑points‑of‑failure by documenting processes, mentoring others, and improving program resiliency
Requirements
What you’ll need- Bachelor’s degree in Computer Science, Information Security, or a related field (or equivalent experience)
- 6 years of experience in application security, secure software development, or DevSecOps
- Hands-on experience with SAST, DAST, and dependency scanning tools, including tuning and operational ownership
- Strong understanding of application vulnerability classes (OWASP Top 10, APIs, authentication, authorization)
- Experience integrating security into CI/CD pipelines and development workflows
- Proven ability to assess risk, prioritize remediation, and clearly communicate decisions
- Comfort working independently, taking ownership, and driving outcomes with minimal oversight
- Strong communication skills with the ability to work effectively with developers, architects, and leadership
- An equivalent combination of education and experience may be substituted for this requirement
- The ability to meet or exceed the attendance and timeliness requirements of their departments
- On-call work may be required based on business needs and role assignment
- The ability to work well in a team environment and be capable of building and maintaining positive relationships with other staff, departments, and customers
Benefits
Comp & perks- Remote flexibility for candidates in FL, IA, KS, MN, MO, NE, ND, or TX
- 1 day per week in the office
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
application securitysecure software developmentDevSecOpsSASTDASTsoftware composition analysissecure coding standardsrisk assessmentvulnerability validationthreat modeling
Soft Skills
communicationindependenceownershipteamworkrelationship buildingmentoringdecision makingcollaborationproblem solvingprioritization