Applications Engineer – Hybrid Machines
Phillips Corporation
Application Security Engineer
Lumin Digital
full-time
Posted on:
Location: 🇺🇸 United States
Visit company websiteSalary
💰 $120,000 - $130,000 per year
Job Level
Mid-LevelSenior
Tech Stack
AWSCyber SecurityJavaJavaScriptSDLCSwiftTypeScript
About the role
- Monitor and analyze security alerts and vulnerability reports, prioritizing and validating vulnerabilities for timely remediation.
- Maintain and optimize automated vulnerability scanning systems (SAST/DAST), ensuring comprehensive application security assessments.
- Coordinate and manage third-party penetration tests, bug bounty programs, and vulnerability assessments, responding effectively to findings.
- Collaborate cross-functionally to perform architectural and code reviews, delivering actionable recommendations for enhanced application security.
- Develop and maintain application threat models to inform proactive risk management and security posture improvements.
- Assist internal teams in vulnerability remediation using industry-standard tools (e.g., Veracode, Qualys, Rapid7, Burp).
- Support incident response activities, enabling rapid identification, containment, and resolution of application security incidents.
- Stay current on emerging security threats, vulnerabilities, and industry best practices, translating insights into practical guidance.
- Provide security expertise in risk management, compliance audits, and client communications to enhance the overall security posture.
- Perform other duties as assigned
Requirements
- Bachelor’s degree in Computer Science, Management Information Systems, Cybersecurity, or a related field is required, or equivalent combination of education and experience
- 4 years of experience in application security engineering, software engineering, or related security-focused roles required.
- 3 years of hands-on experience identifying and qualifying application security vulnerabilities, preferably within web, financial services, or mobile application environments required.
- Experience with AWS, Git, and industry-standard application vulnerability platforms required.
- Proficiency analyzing application source code (e.g., TypeScript, JavaScript, C#, Java, Swift) to identify security vulnerabilities.
- Strong technical knowledge of security vulnerabilities and standards (OWASP Top 10, CWE, CVSS scoring).
- Deep familiarity with authentication and authorization protocols (e.g., SAML, OAuth 2.0, JWT).
- Applied knowledge of cryptographic practices, including encryption standards, hashing algorithms, and authentication lifecycle management.
- Excellent analytical, communication, and coordination skills, with the ability to effectively manage and communicate security remediation tasks.
- Ability to maintain productivity and professionalism in remote or distributed team environments.
- Demonstrated passion for continuous security learning and staying updated on industry threats and trends.
