Application Security Engineer ID71662
Please mention DailyRemote when applying
AI Summary
Integrate security gates like SAST, DAST, and SCA into CI/CD pipelines and tune scanning tools to reduce false positives. Provide code-level remediation guidance to Java and Python development teams to ensure secure coding patterns.
AgileEngine is an Inc. 5000 company that creates award-winning software for Fortune 500 brands and trailblazing startups across 17+ industries. We rank among the leaders in areas like application development and AI/ML, and our people-first culture has earned us multiple Best Place to Work awards.
WHY JOIN US
If you're looking for a place to grow, make an impact, and work with people who care, we'd love to meet you!
ABOUT THE ROLE
We are looking for a Middle Application Security Engineer to execute hands-on DevSecOps work across CI/CD pipeline security integration, vulnerability management tooling, and automated hardened baseline deployment within a large-scale financial services security program. You will write Python scripts to integrate SAST, DAST, and SCA gates into CI/CD pipelines, tune scanning tools to reduce false positives, and provide code-level remediation guidance to Java and Python development teams. The role requires 3–5 years of combined software engineering and AppSec experience.
WHAT YOU WILL DO
- Write and maintain the scripts necessary to integrate security gates (SAST, DAST, SCA) seamlessly into the CI/CD pipeline;
- Continuously tune and configure existing security scanning tools to eliminate false positives and deliver high-confidence alerts;
- Assist in coding and deploying automated hardened baselines and secure coding patterns;
- Work directly with product development teams to provide actionable, code-level remediation guidance in Java and Python.
MUST HAVES
- 3–5 years of commercial experience blending software engineering and DevSecOps/AppSec;
- Solid coding proficiency in Python (for automation/scripting), with the ability to comfortably read and navigate Java source code;
- Working knowledge of modern CI/CD orchestration tools and practical experience interacting with vulnerability scoring frameworks;
- Ability to operate with minimal supervision on day-to-day execution, reliably completing complex scripting and integration tasks;
- Upper-intermediate English level.
NICE TO HAVES
- Hands-on experience with specific CNAPP or ASPM platforms (e.g., Wiz);
- Basic understanding of application threat modeling.
PERKS AND BENEFITS
- Professional growth: Mentorship, TechTalks, and personalized growth roadmaps.
- Competitive compensation: USD-based pay with education, fitness, and team activity budgets.
- Exciting projects: Modern solutions with Fortune 500 and top product companies.
- Flextime: Flexible schedule with remote and office options.
Meet Our Recruitment Process
Application → Coding Challenge → Video Interview → Technical Interview or Hiring Manager Interview
Each step helps us understand your skills and overall fit.
If it’s a match, you’ll receive an offer.
WHY JOIN US
If you're looking for a place to grow, make an impact, and work with people who care, we'd love to meet you!
ABOUT THE ROLE
We are looking for a Middle Application Security Engineer to execute hands-on DevSecOps work across CI/CD pipeline security integration, vulnerability management tooling, and automated hardened baseline deployment within a large-scale financial services security program. You will write Python scripts to integrate SAST, DAST, and SCA gates into CI/CD pipelines, tune scanning tools to reduce false positives, and provide code-level remediation guidance to Java and Python development teams. The role requires 3–5 years of combined software engineering and AppSec experience.
WHAT YOU WILL DO
- Write and maintain the scripts necessary to integrate security gates (SAST, DAST, SCA) seamlessly into the CI/CD pipeline;
- Continuously tune and configure existing security scanning tools to eliminate false positives and deliver high-confidence alerts;
- Assist in coding and deploying automated hardened baselines and secure coding patterns;
- Work directly with product development teams to provide actionable, code-level remediation guidance in Java and Python.
MUST HAVES
- 3–5 years of commercial experience blending software engineering and DevSecOps/AppSec;
- Solid coding proficiency in Python (for automation/scripting), with the ability to comfortably read and navigate Java source code;
- Working knowledge of modern CI/CD orchestration tools and practical experience interacting with vulnerability scoring frameworks;
- Ability to operate with minimal supervision on day-to-day execution, reliably completing complex scripting and integration tasks;
- Upper-intermediate English level.
NICE TO HAVES
- Hands-on experience with specific CNAPP or ASPM platforms (e.g., Wiz);
- Basic understanding of application threat modeling.
PERKS AND BENEFITS
- Professional growth: Mentorship, TechTalks, and personalized growth roadmaps.
- Competitive compensation: USD-based pay with education, fitness, and team activity budgets.
- Exciting projects: Modern solutions with Fortune 500 and top product companies.
- Flextime: Flexible schedule with remote and office options.
Meet Our Recruitment Process
Application → Coding Challenge → Video Interview → Technical Interview or Hiring Manager Interview
Each step helps us understand your skills and overall fit.
If it’s a match, you’ll receive an offer.
Automatically Apply to the Best Remote Jobs
Stop the endless job search. Our AI finds and applies to the best jobs for you.
