Sr. Application Security Engineer

Sr. Application Security Engineer Seeking an Application Security professional with experience triaging and validating security vulnerabilities across web, API, and server-side platforms. Responsibilities include reproducing customer-reported issues, assessing exploitability and risk, reviewing JavaScript/Java code, coordinating remediation with engineering teams, and preparing technical security assessments for both technical and executive audiences.Required Skills:•10+ years in Application Security, Product Security, Penetration Testing, or Bug Bounty triage• Strong understanding of OWASP Top 10, SSRF, IDOR, SQLi, XSS, GraphQL, privilege escalation, and server-side injection vulnerabilities• Experience with ServiceNow platform security concepts including ACLs, scoped apps, business rules, REST APIs, and GlideRecord/Table API• Ability to reproduce vulnerabilities in lab environments and validate fixes• Strong JavaScript and Java code review/debugging skills• Experience with CVSS scoring and technical security reporting• Advanced ServiceNow development/security experience• Customer-facing security support experience• Familiarity with HackerOne or Bugcrowd• Security certifications such as OSCP, GWAPT, or GWEB