Application Security Engineer

EnerSys

Application Security Engineer at EnerSys focusing on application security, DevSecOps, and compliance with cybersecurity frameworks.

Posted 5/2/2026full-timeRemote • Alabama, Arizona, California, Colorado, Connecticut, District of Columbia, Florida, Idaho, Illinois, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Minnesota, Mississippi, Missouri, Montana, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Vermont, Virginia, Washington, West Virginia, Wisconsin, Wyoming • 🇺🇸 United StatesMid-LevelSenior💰 $117,200 - $146,600 per yearWebsite

Tech Stack

Tools & technologies

AWSAzureCloudCyber SecurityKubernetesMicroservicesSDLC

About the role

Key responsibilities & impact

Serve as a primary liaison between the Cybersecurity and development teams, ensuring security is integrated into design, development, deployment, and operations.
Conduct application security assessments, code reviews, API testing, threat modeling, and penetration testing to identify vulnerabilities.
Define, maintain, and enforce secure coding standards, patterns, and best practices.
Integrate and manage security tooling within CI/CD pipelines, including SAST, DAST, SCA, IaC scanning, and container security solutions.
Support secure architecture reviews for cloud‑native applications, microservices, and containerized workloads.
Support threat modeling, risk assessments, and security architecture reviews for applications.
Ensure that all security practices meet regulatory and compliance requirements.
Develop and deliver cybersecurity training programs for development teams to promote awareness and adherence to best practices.
Ensure application security practices align with regulatory and compliance frameworks (e.g., NIST CSF, ISO 27001, IEC 62443).
Keep up to date on emerging threats, incorporating threat intelligence into security practices and providing proactive defenses.
Monitor and respond to application security threats, incidents and vulnerabilities.
Stay up to date on regulatory developments and industry trends.
Manage and maintain third-party vendor and consultant relationships.
Perform other duties as assigned.

Requirements

What you’ll need

Bachelor’s degree in a technical field (e.g., Computer Science, Information Systems, Cybersecurity)
5+ years of experience in Information Security, with at least 3 years focused on application security, secure development, or DevSecOps
Demonstrated experience building and scaling an application security program, either as the lead or a key contributor
Strong knowledge of OWASP Top 10, OWASP ASVS, SANS Top 25, and secure SDLC methodologies
Hands-on experience with application security testing tools such as Burp Suite, Fortify, Checkmarx, Veracode, and ZAP
Experience conducting threat modeling, penetration testing, secure software development, and secure architecture reviews
Practical experience securing cloud environments (AWS or Azure) and implementing cloud-native security controls
Familiarity with Kubernetes security, container hardening, and runtime protection
Strong communication skills with the ability to collaborate and influence across technical and non-technical teams.

Benefits

Comp & perks

Paid time off plus paid holidays
Medical/dental/vision insurance plan
Life insurance, short/long term disability, tuition reimbursement, flex spending, and employee stock purchase plan
401K plan

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

application security assessmentscode reviewsAPI testingthreat modelingpenetration testingsecure coding standardsCI/CD pipelinescloud-native security controlssecure software developmentKubernetes security

Soft Skills

communication skillscollaborationinfluence