Application Security Engineer

Application Security EngineerSYSTEMTEC is seeking an Application Security Engineer for a Direct Hire opportunity for a mission-driven organization. This role is purpose-built for someone who thrives at the intersection of development and security, turning code into a competitive advantage rather than a vulnerability. This role is remote working CST hours.Required Skills of the Application Security Engineer:4+ years in application security or similar role securing production applicationsDeep understanding of OWASP Top 10 and common application vulnerabilitiesHands-on experience with SAST tools (Checkmarx, SonarQube, Fortify), DAST tools (Burp Suite, OWASP ZAP), and dependency scanning (Snyk, Dependabot)Proficient in at least one programming language (Python, JavaScript, or PHP preferred); comfortable reviewing code for security issuesExperience securing applications in AWS, GCP, or DigitalOceanWorking knowledge of Git, containerization (Docker/Kubernetes), and CI/CD pipelines (GitLab, GitHub Actions)Understanding of API security, authentication/authorization patterns (OAuth, JWT), and API gateway configurationsBachelor's degree in Cybersecurity, Computer Science, or related field (or equivalent experience and certifications)Duties and Responsibilities of the Application Security Engineer:Integrate security testing (SAST, DAST, SCA) into CI/CD pipelinesConduct threat modeling, design reviews, and architecture assessmentsPerform code reviews for security flaws and penetration testing on web applications and APIsDevelop security patterns and tools that help developers build securely by defaultTrain developers on secure coding practices and OWASP Top 10Secure containerized applications, Kubernetes deployments, and microservices across AWS/GCPImplement secrets management, encryption strategies, and data protection controlsInvestigate application-layer security incidents and implement preventative controlsWork Location: REMOTE. CST hours.Compensation/Benefits: Direct Hire with client***Please note: SYSTEMTEC is not set up to employ workers in the states of California, New York, and New Jersey .***