Back to Jobs

Senior Application Security Engineer

GuidePoint Security
MD | PA | NC

TrulyRemote Verified

Hand-curated global remote job with direct application link

Technical Requirements

SASTCI/CDScriptingAutomationOWASP Top 10Threat ModelingSDLC

About the Role

GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.

Required Experience

  • Proficiency with the implementation, operationalization, and troubleshooting of Static Application Security Testing (SAST) tools such as Semgrep, Snyk, CodeQL, Checkmarx, Veracode, etc.
  • Understanding of Continuous Integration / Continuous Delivery (CI/CD) pipeline tools and processes (e.g. GitHub Actions, GitLab Runners, Azure DevOps, Jenkins, CircleCI, etc.)
  • Experience in software engineering, ideally full stack software development, including modern technologies and application architectures
  • Strong scripting and automation experience using one or more programming languages
  • Solid working knowledge of application security fundamentals including the OWASP Top 10, threat modeling, and implementing secure coding practices throughout the Software Development Lifecycle (SDLC)

Preferred Qualifications

  • Experience writing or adapting custom SAST rules (Semgrep or CodeQL)
  • Familiarity with additional Application Security tools (e.g. Interactive (IAST), Dynamic (DAST) and API security, SCA, etc.)
  • Familiarity with API Security tools (e.g., NoName, Traceable, Salt, Cequence)
  • Practical hands-on experience validating vulnerabilities and proficiency with Burp Suite
  • Strong working knowledge of Secure Development Lifecycles and experience triaging and remediating technical vulnerabilities identified by web application scanning tools
  • Understanding of automated security testing approaches and tools
  • Experience in building and operating security tools within CI/CD pipelines
  • Experience with proactive integration of security into the development process
  • Past experience as an application security practitioner or software engineer

Educational & Professional Credentials

  • Bachelor’s degree in a relevant discipline or equivalent experience
  • 5-7 years of security engineering experience in the Information Security industry

Similar Jobs

Principal Software Engineer

Multitude Insights

Data Engineer

Talkiatry

Director of Technical Product Marketing — Kubernetes & Container Security

RapidFort

Customer Success Architect, EMEA

GitLab

Senior Application Security Engineer
GuidePoint Security
Apply