Senior Application Security Engineer

iO Associates has partnered with an innovative technology consultancy known for its entrepreneurial culture, collaborative mindset, and commitment to empowering its consultants to own their way of working. Their success is built on strong partnerships with industry leaders and a deep network of security and cloud specialists - and they're looking for a Senior Application Security Engineer to join their growing team.

What You'll Do:

- Partner with development teams to identify, understand, and remediate security vulnerabilities.

- Provide guidance on secure coding practices and ensure security is embedded throughout the SDLC.

- Perform SAST and DAST testing to validate code security and remediation efforts.

- Recommend efficient and scalable solutions to streamline the remediation process.

- Support the buildout of a DevSecOps function, integrating security tools and practices into CI/CD pipelines.

- Automate manual processes to improve development and security workflows.

- Analyze and address findings from penetration tests, recommending actionable fixes.

- Track and monitor remediation progress to ensure timely completion.

- Contribute to audit readiness by maintaining accurate, detailed documentation.

What You Bring:

- 7+ years of experience in Application Security Engineering.

- Proficiency with tools such as Qualys WAS, Wiz, Veracode, Fortify, SonarQube, and Checkmarx.

- Strong understanding of SAST and DAST methodologies and integrating security tools into CI/CD pipelines.

- Hands-on experience mitigating SQL injection vulnerabilities and securing RESTful APIs.

- Familiarity with development languages such as JavaScript and C#/.NET or Java.

- Ability to assess and communicate risks, recommend effective mitigations, and collaborate across teams.

- Detail-oriented with experience preparing security documentation for audits.

- A proactive, team-oriented mindset - someone who serves as both a technical expert and a security advocate.

Desirable Skills & Experience:

- Familiarity with DevSecOps practices would be advantageous.

If you are an experienced Application Security Engineer with a passion for cybersecurity and innovation, we encourage you to apply by submitting your CV today. Please note that only US citizens or Green Card holders are eligible, and sponsorship is not available for this position.