Ensure robust security practices within a highly regulated SaaS environment.
Collaborate closely with Product and Development teams embedding security throughout the Software Development Life Cycle (SDLC).
Manage automated vulnerability scanning tools and coordinate penetration tests.
Advise on secure architecture and support compliance, risk management, and incident response initiatives.
Monitor and analyze security alerts and vulnerability reports.
Maintain and optimize automated vulnerability scanning systems (SAST/DAST).
Own the design, implementation, and evolution of ASPM capabilities.
Coordinate and manage third-party penetration tests and bug bounty programs.
Collaborate cross-functionally for architectural and code reviews.
Develop and maintain application threat models.

Requirements

Bachelor’s degree in Computer Science, Management Information Systems, Cybersecurity, or a related field is required, or equivalent combination of education and experience
4 years of experience in application security engineering, software engineering, with security focused roles
3 years of hands-on experience identifying and qualifying application security vulnerabilities, preferably within web, financial services, or mobile application environments required.
Experience with AWS, Git, and industry-standard application vulnerability platforms required.
Proficiency analyzing application source code (e.g., TypeScript, JavaScript, C#, Java, Swift) to identify security vulnerabilities.
Strong technical knowledge of security vulnerabilities and standards (OWASP Top 10, CWE, CVSS scoring).
Deep familiarity with authentication and authorization protocols (e.g., SAML, OAuth 2.0, JWT).
Applied knowledge of cryptographic practices, including encryption standards, hashing algorithms, and authentication lifecycle management.
Excellent analytical, communication, and coordination skills, with the ability to effectively manage and communicate security remediation tasks.
Ability to maintain productivity and professionalism in remote or distributed team environments.
Demonstrated passion for continuous security learning and staying updated on industry threats and trends.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

application security engineeringvulnerability scanningpenetration testingsecure architectureapplication threat modelingsource code analysiscryptographic practicesauthentication protocolsauthorization protocolssecurity vulnerabilities

Soft Skills

analytical skillscommunication skillscoordination skillsproductivityprofessionalismcollaborationcontinuous learningrisk managementincident responseproblem-solving