Nelnet

Cybersecurity Application Security Engineer

full-time

Location Type: Hybrid

Location: Centennial, Colorado, New York, United States

Salary

💰 $90,000 - $125,000 per year

About the role

  • Partner closely with engineering, cloud, and product teams to safeguard applications, services, and AI-driven components
  • Combine hands-on technical testing with scalable automation and developer enablement to mature the AppSec program
  • Ensure secure, resilient applications at speed
  • Manual source code review and SAST/DAST scanning
  • Expand the Security Champions program
  • Develop automated source code review processes
  • Work with product teams to ensure secure SDLC processes are in place
  • Provide detailed vulnerability reports to businesses

Requirements

  • 2–4 years of hands-on application security experience
  • Experience integrating security tooling and automated checks into CI/CD pipelines
  • Familiarity and experience with OWASP Top 10 and web testing methodologies
  • Experience with effectively assessing and communicating risks and appropriate levels of urgency to management and engineering staff
  • Experience with technical report writing and communication
  • Strong manual code review experience in at least one major language (Java, JavaScript/TypeScript, C#, PHP, etc.)
  • Solid threat-modeling expertise (STRIDE, attack trees, misuse cases) for both traditional systems and AI/LLM-integrated features
  • Proficiency with SAST, SCA, DAST, web and mobile pentesting, container scanners, secrets-detection tools, and ideally AI-security scanning platforms
  • Scripting/automation skills (Python, Bash, Node) for building custom tooling and automating manual processes
  • Good understanding of AI/LLM attack surfaces including prompt injection, insecure output handling, model-data leakage, and RAG vulnerabilities
  • Strong knowledge of web/API security concepts (session management, secure storage, transport security)

Benefits

  • medical
  • dental
  • vision
  • HSA and FSA
  • generous earned time off
  • 401K/student loan repayment
  • life insurance & AD&D insurance
  • employee assistance program
  • employee stock purchase program
  • tuition reimbursement
  • performance-based incentive pay
  • short- and long-term disability
  • a robust wellness program

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

  • application security
  • manual code review
  • SAST
  • DAST
  • web testing methodologies
  • threat modeling
  • scripting
  • automation
  • web security
  • API security

Soft Skills

  • communication
  • risk assessment
  • technical report writing
  • collaboration
  • developer enablement