Senior Application Security Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

AbbVie · 11 hours ago

Senior Application Security Engineer

positionHouston, TX
timeFull-time
remoteOnsite
senioritySenior Level
date6+ years exp

AbbVie is a company dedicated to discovering and delivering innovative medicines and solutions for serious health issues. They are seeking a Senior Application Security Engineer to enhance application security processes, implement security tools, and support development teams in identifying and remediating vulnerabilities.

BiotechnologyFinancial ServicesHealth CareMedicalPharmaceuticalVenture Capital
check
Comp. & Benefits
check
H1B Sponsor Likelynote

Responsibilities

Implementing and maintaining Application Security Testing (AST) tools (SAST, DAST, IAST, SCA, etc.) to identify code and dependency vulnerabilities during the software development lifecycle
Implementing and maintaining Application Security Posture Management (ASPM) tools to centralize and deduplicate findings from multiple solutions and integrate into software development processes
Acting as the first line of support for users by helping resolve false positives, providing guidance on finding remediation, and evaluating security exception requests
Integrating security tooling with Continuous Integration/Continuous Deployment (CICD) pipelines
Developing detailed reports on security findings and remediation efforts
Demonstrate high proficiency across a wide range of technologies and platforms related to application security, software design and development, containerization, and cloud environments
Communicate security risks and evangelize secure development practices to development teams and their management
Lean/understand vulnerabilities, triage security risks at scale in disparate application development environments and business units

Qualification

Application SecuritySAST/DAST/IAST/SCACICD IntegrationSecure Coding PracticesDevSecOps PracticesInfrastructure As CodeCloud EnvironmentsCoaching Junior EngineersTechnical CommunicationCreative Problem Solving

Required

Bachelor's Degree and 7 years' experience OR Master's Degree and 6 years' experience OR PhD and 2 years' experience
5+ years of experience in application security and software development
3+ years of experience implementing, administering, and supporting application security tooling such as SAST/DAST/IAST/SCA
Extensive knowledge of secure coding practices across multiple programming languages (esp. Java, Node.js)
Extensive experience integrating security testing into CICD pipelines
Strong knowledge of application security principles along with common vulnerabilities (e.g., OWASP Top 10, CWE, etc.) and associated mitigations
Experience implementing and scaling DevSecOps practices and tooling within large organizations
Experience implementing DevSecOps workflows in cloud environments such as AWS and Azure
Experience developing Infrastructure As Code (IAC) via solutions such as Terraform and/or CloudFormation
Experience supporting developers with assessing and mitigating application security test findings
Ability to effectively communicate technical findings to both technical and non-technical stakeholders
Demonstrated ability to function as a principal engineer, generating original technical ideas and strategies. Demonstrated creative 'out of the box' thinking to solve difficult technical problems and champion new technologies to achieve program goals
Excellent written and oral English communication skills, as demonstrated by presenting at leading scientific or technical conferences
Experience coaching and supporting the development of junior engineers

Preferred

Experience implementing tooling to consolidate application security test findings from multiple sources to facilitate developer engagement and integrate with development workflows and tracking systems
Experience administering Snyk and Endor Labs
Experience integrating Cloud Security Posture Management (CSPM) tooling with application security pipelines
Experience automating workflows via programming and scripting languages such as Python
Experience building logging into DevSecOps pipelines to gain insights into pipeline performance
Experience collaborating with vulnerability and risk management partners to interface with risk management and acceptance processes

Benefits

Paid time off (vacation, holidays, sick)
Medical/dental/vision insurance
401(k)
Short-term incentive programs
Long-term incentive programs

Company

AbbVie

twittertwittertwitter
Glassdoor3.9
company-logo
AbbVie is a biopharmaceutical company focused on immunology, oncology, neuroscience, virology, and aesthetics. It is a sub-organization of AbbVie.
dateFounded in 2013
location
North Chicago, Illinois, USA
people-size10001+ employees
web-link
https://www.abbvie.com

H1B Sponsorship

AbbVie has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (273)
2024 (190)
2023 (225)
2022 (284)
2021 (186)
2020 (186)

Funding

Current Stage
Public Company
Total Funding
$15B
2024-02-27Post Ipo Debt· $15B
2023-03-08Post Ipo Equity· $0.25M
2012-12-20IPO

Leadership Team

leader-logo
Robert Michael
Chairman of the Board and Chief Executive Officer
linkedin
leader-logo
Micah Bregman
Vice President, Global Strategy and Pipeline, Allergan Aesthetics
linkedin

Recent News

IndiaTimes
Patent rejected for MNC’s cancer drug; generics likely to enter market
2026-01-23
Law.asia
Firms advise on RemeGen’s USD5.6bn AbbVie licensing deal
2026-01-20
FiercePharma
After AbbVie and Genmab's ph. 3 survival miss for Epkinly in DLBCL, what's next?
2026-01-20
Company data provided by crunchbase