Morgan Stanley
Application Security Engineer (Middle)
Vaga remota de Developer com fit claro de localização do candidato.
Publicada17 de jun. de 2026
Países elegíveis6 países aceitos
Sinal de senioridadeMiddle
Modelo de trabalhoRemoto
Locais aceitos para candidatos
ArgentinaBrasilColômbiaGuatemalaMéxicoEstados Unidos
Resumo da vaga
Application Security Engineer (Middle)
Requisitos e responsabilidades
Conteúdo da vaga extraído em seções para revisão mais rápida.
About the role
We are looking for a Middle Application Security Engineer to execute hands-on DevSecOps work across CI/CD pipeline security integration, vulnerability management tooling, and automated hardened baseline deployment within a large-scale financial services security program. You will write Python scripts to integrate SAST, DAST, and SCA gates into CI/CD pipelines, tune scanning tools to reduce false positives, and provide code-level remediation guidance to Java and Python development teams. The role requires 3–5 years of combined software engineering and AppSec experience.
What you will do
- Write and maintain the scripts necessary to integrate security gates such as SAST, DAST, and SCA into CI/CD pipelines;
- Continuously tune and configure existing security scanning tools to eliminate false positives and deliver high-confidence alerts;
- Assist in coding and deploying automated hardened baselines and secure coding patterns;
- Work directly with product development teams to provide actionable, code-level remediation guidance in Java and Python.
Must haves
- 3–5 years of commercial experience blending software engineering and DevSecOps/AppSec;
- Solid coding proficiency in Python for automation and scripting;
- Ability to comfortably read and navigate Java source code;
- Working knowledge of modern CI/CD orchestration tools;
- Practical experience interacting with vulnerability scoring frameworks;
- Ability to operate with minimal supervision on day-to-day execution and reliably complete complex scripting and integration tasks;
- Upper-intermediate English level.
Nice to haves
- Hands-on experience with CNAPP or ASPM platforms such as Wiz;
- Basic understanding of application threat modeling.
Vagas similares
Mantenha uma lista reserva.
Java, Python 6 países aceitos
Application Security Engineer (Tech Lead)Morgan StanleyVer vaga Java, Python 6 países aceitos
Application Security Engineer (Senior)Morgan StanleyVer vaga Python 6 países aceitos
Data ScientistMorgan StanleyVer vaga Python 5 países aceitos
Senior Full Stack EngineerIndeedVer vaga Stack
Use estas tags para comparar vagas remotas similares.
Elegibilidade de localização
Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.
Fluxo de contratação
Aplicações são salvas no WithMira para revisão e acompanhamento.
1Aplique com seu perfil e snapshot de currículo.
2O recrutador revisa seu fit para esta posição.
3Mensagens e decisões do recrutador ficam vinculadas a esta vaga.