Application Security Engineer

A financial firm is looking for an Application Security Engineer to join their team in Iselin, NJ or NYC.

Compensation: $150-200k Responsibilities: Perform Application Security scans (e.g.

DAST and SCA) on applications and APIs to identify security vulnerabilities and weaknesses Triage security findings and collaborate with development teams to prioritize and remediate identified vulnerabilities Drive threat modelling as a standard part of the SDLC, and develop and maintain threat models for critical applications, identifying potential security risks and proposing mitigations Drive the Security Champions program, and define and promote secure coding practices, patterns, and standards across development teams Conduct security reviews and provide guidance on security requirements for new features and projects Assist in the analysis, selection and rollout of new application security tools, processes, and standards Qualifications: Proven experience in application security with a focus on application security testing and vulnerability management Hands-on experience with Application Security tools Strong understanding of common application vulnerabilities (e.g., OWASP Top 10) and mitigation techniques Experience with threat modelling methodologies and tools Proficiency in at least one programming language (e.g., Java, Python, JavaScript) Excellent communication and collaboration skills, with the ability to work effectively in cross functional teams Strong understanding of risk management Degree in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent) Relevant security certifications (e.g.

CISSP, CEH, CSSLP) or equivalent is preferred