Sr. App Security Engineer – ASC Program only w2

Ampstek
Oak Ridge, NJ
May 17th, 2026

Position: Application Security Engineer
Location: TX/NJ/NC Onsite

Role Summary:
• Scale the Application Security Champions (ASC) Community of Practice (CoP) across non-CIO units.
• Provide enablement, tooling, and standards to embed AppSec into decentralized teams.
• Align ASC initiatives with tiered control adoption and quarterly roadmap.

Key Responsibilities:
• Develop ASC playbooks, training, and office hours for threat modeling and secure design.
• Roll out CI/CD-integrated controls and AVR workflows tailored to non-CIO environments.
• Establish ASC KPIs and dashboards; report progress and compliance coverage.
• Coordinate migration planning with application owners; track risks and dependencies.
• Facilitate escalations and cross-functional alignment with SMEs and governance.
• Promote security awareness and culture by educating teams on secure coding practices, potential threats, and encouraging open dialogue around security.
• Act as the primary liaison between development teams and the security organization to ensure clear communication, timely resolution of security concerns, and alignment with security priorities.
• Lead security enablement activities, including training sessions, workshops, and hands-on exercises to enhance team security skills.
• Support secure development practices by performing secure code reviews, participating in threat modeling sessions, and assisting teams with effective use of security testing tools and automated scans.
• Contribute to organizational security standards by providing practical feedback and helping refine procedures to ensure they remain effective and adoptable across teams.

Required Qualifications & Skills:
• Bachelor’s degree or equivalent experience.
• 5+ years in AppSec with enablement or CoP leadership experience.
• Proven ability to coach developers on secure coding and threat modelling.
• Experience with automation and compliance enforcement in CI/CD.

Preferred Qualifications:
• Experience establishing champions programs or communities of practice.
• Certifications: CSSLP, CRISC, or leadership-focused credentials.
• Background in enterprise governance and metrics.

Tools & Technologies:
• Learning platforms and LMS
• SAST/DAST/SCA
• ServiceNow AVR
• Dashboards (Power BI, Grafana)
• Collaboration (Confluence, Teams)