360CyberX · 5 hours ago
Application Security Engineer
360CyberX, LLC is a security-focused technology partner dedicated to helping organizations prevent breaches and enhance system resilience. The Application Security Engineer is responsible for embedding security into the design, development, and deployment of applications, focusing on identifying and mitigating application-level risks.
Computer & Network Security
Responsibilities
Integrate security into all phases of the SDLC, from design and development through deployment and maintenance
Perform application security assessments, including SAST, DAST, SCA, IAST, and manual testing as needed
Conduct secure design reviews and threat modeling for new and existing applications
Identify, validate, and prioritize application vulnerabilities based on risk, exploitability, and business impact
Partner with engineering and DevOps teams to integrate security testing into CI/CD pipelines
Support secure coding practices and provide remediation guidance to development teams
Perform web, API, and microservices security testing aligned with OWASP Top 10 and modern attack techniques
Collaborate with vulnerability management, SOC, and incident response teams to address application-related security events
Develop and maintain application security standards, guidelines, and best practices
Support audits, risk assessments, and compliance initiatives aligned with NIST, CIS, ISO, and regulatory requirements
Document findings, remediation actions, and security recommendations
Qualification
Required
Strong experience in application security engineering within enterprise or SaaS environments
Deep understanding of application security concepts, common vulnerabilities, and secure software design principles
Hands-on experience with application security testing tools (SAST, DAST, SCA, IAST)
Experience securing web applications, APIs, and cloud-native architectures
Familiarity with CI/CD pipelines and DevSecOps practices
Strong knowledge of authentication, authorization, session management, and API security
Proven ability to communicate security findings clearly to developers and non-technical stakeholders
Familiarity with security frameworks and standards such as NIST, CIS Controls, ISO 27001, and OWASP
Bachelor's degree in Computer Science, Cybersecurity, or a related field
Preferred
Relevant certifications such as GWAPT, CSSLP, OSCP, Security+, or cloud security certifications
Company
360CyberX
360CyberX, LLC is a security-first technology partner that helps organizations prevent breaches, keep systems online, and prove compliance.
Funding
Current Stage
Early Stage