Role overview

Application Security Engineer

Requirements and responsibilities

Readable role content extracted into sections for faster review.

Application Security

  • Implement and maintain security controls for web and API applications.
  • Integrate security practices into the Secure SDLC, including threat modeling and security design reviews.
  • Ensure compliance with organizational security policies and industry best practices.

Security Tool Management

  • Manage and administer vulnerability scanning tools such as Tenable or equivalent solutions.
  • Configure, optimize, and maintain scanning policies and schedules.
  • Improve scan accuracy by reducing false positives and fine-tuning security tools.

SAST & DAST Implementation

  • Deploy and manage Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) solutions.
  • Integrate security testing into CI/CD pipelines.
  • Work closely with development teams to ensure effective security testing and reporting.

Vulnerability Management

  • Identify, validate, and assess application vulnerabilities through automated and manual testing.
  • Perform risk assessments and prioritize vulnerabilities based on business impact.
  • Track remediation activities and ensure timely closure of security findings.

Security Testing

  • Conduct manual and automated security assessments of web applications and APIs.
  • Validate reported vulnerabilities and verify remediation after fixes are implemented.
  • Document findings, attack scenarios, and remediation recommendations.

Offensive Security

  • Perform manual verification of vulnerabilities using penetration testing techniques.
  • Develop proof-of-concept demonstrations when required.
  • Support security assessments and red team activities.

Required Skills & Qualifications

  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 7+ years of experience in Application Security or Cybersecurity.
  • Hands-on experience with SAST, DAST, and vulnerability assessment tools.
  • Strong knowledge of OWASP Top 10, API Security, and secure coding practices.
  • Experience integrating security tools into CI/CD environments such as Jenkins, GitHub Actions, or GitLab.
  • Familiarity with scripting languages such as Python, Bash, or PowerShell.
  • Excellent analytical, troubleshooting, and communication skills.

Preferred Qualifications

  • Experience in threat modeling and secure architecture reviews.
  • Hands-on exposure to penetration testing or red team activities.
  • Industry certifications such as OSCP, CEH, GWAPT, CSSLP, or equivalent are preferred.
Similar roles

Keep a backup shortlist.

Browse stack
FocusApplication Security EngineeringRole area
Seniority signalSeniorCandidate level
StackCI/CD, PythonPrimary skills
Location1 accepted countryEligibility

Stack

Use these tags to compare similar remote roles.

Location eligibility

Candidates should apply only when their profile country is listed here.

Your profileCountry not setSign in to check your country against this role.

Hiring flow

WithMira shows the role, then sends candidates to the company application.

1Check role fit, stack, and location eligibility in WithMira.
2Open the company application page from the tracked apply link.
3Save the role or subscribe for similar opportunities before leaving.
Apply on company siteCompany siteOpen link