
Application Security Engineer
Versana
full-time
Location Type: Hybrid
Location: New York City • New York • United States
Salary
💰 $110,000 - $140,000 per year
About the role
- Perform and validate application & API security testing (OWASP & API Top 10, business logic abuse, auth/authorization flaws, data exposure).
- Assist with vulnerability lifecycle management by gathering and normalizing findings (scanners, manual assessments, etc.), validating impact, setting priority, and assigning remediation tickets.
- Integrate and maintain security tooling in CI/CD (SAST, SCA, DAST, SBOM, container and secrets scanning) and collaborate with developers to tune signal vs noise.
- Assist with configuration and lifecycle management of AppSec tooling (e.g., CNAPP, WAF, secret management).
- Contribute to threat modeling & secure design reviews (data flows, trust boundaries, abuse cases, cloud IAM, entitlement surfaces).
- Partner with engineering, DevOps, product, and QA to embed secure patterns early (“shift left”) and provide code-level remediation guidance.
- Automate repetitive security tasks and reporting where possible (scripts, pipeline jobs, policy-as-code).
- Participate in incident response activities, including containment, eradication, and recovery efforts.
- Support the implementation of security policies, procedures, and standards.
- Stay up-to-date with the latest security trends, threats, and technology advancements.
Requirements
- 3+ years combined experience in software development and/or application security engineering.
- Ability to read and develop secure code in at least one of: Python, Java, JavaScript/TypeScript, Go, or C#.
- Understanding of application security principles and web application vulnerabilities such as the OWASP Top 10, their risks, and remediations.
- Basic understanding of cloud computing principles and services (e.g., AWS, Azure, Google Cloud).
- Exposure to security tools such as vulnerability scanners.
- Strong communication and teamwork skills.
- Detail-oriented with a proactive approach to identifying and mitigating security risks.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
application security testing, API security testing, secure code development, Python, Java, JavaScript, TypeScript, Go, C#, vulnerability lifecycle management
Soft Skills
communication, teamwork, detail-oriented, proactive