Senior Application Security Engineer
Employment Information
Report this job
Job expired or something wrong with this job?
Job Description
Security Engineer at BHG Financial focusing on AppSec initiatives and security integration during software development. Collaborating with developers and contributing across security domains.
Responsibilities:
- Lead application vulnerability assessments using SAST, DAST, and SCA tools; validate and triage findings to ensure accuracy and actionable results.
- Support container and cloud-native security efforts, including scanning container images, assessing container configurations, and advising on secure container orchestration practices.
- Partner closely with developers and software engineers to prioritize, remediate, and prevent vulnerabilities across applications, dependencies, and codebases.
- Promote and reinforce secure coding practices through guidance, documentation, and hands-on collaboration.
- Define and communicate technical security requirements and guidelines for new initiatives, features, and architecture changes.
- Stay current with emerging security threats, trends, and research; recommend appropriate mitigation strategies and technology improvements.
- Work with compliance and technical teams to address deficiencies identified during assessments, audits, or regulatory examinations.
- Assist in generating, tracking, and reporting key metrics for leadership and security governance.
- Participate in Incident Response activities as needed
- Participate in the security on-call support rotation as required.
Requirements:
- 3+ years of experience in a technical security or IT role with a strong focus on application security.
- Hands-on experience with SAST, DAST, and SCA tools
- Knowledge of container security concepts, including container image scanning, secure image pipelines, and common misconfigurations in containerized environments (Docker, Kubernetes, etc.).
- Deep understanding of application security principles and secure development practices, including authentication, authorization, session management, input validation, secrets management, and API security.
- Strong familiarity with common web application vulnerabilities (e.g., XSS, CSRF, SQL injection, SSRF, insecure deserialization) and the ability to explain, validate, and reproduce them.
- Proven ability to provide actionable remediation guidance to developers and engineering teams, balancing risk with business and technical realities.
- Experience with vulnerability validation, risk assessment, and prioritization, particularly in complex environments with multiple applications and tech stacks.
- Working knowledge of broader security technologies and domains such as endpoint security, vulnerability management, network security, SIEM, MFA/IAM/PAM, PKI, security automation, cloud security controls, NAC, encryption, DLP, and firewalls.
- Ability to maintain strict confidentiality.
- Excellent writing, organizational, interpersonal and communication skills.
- Ability to think analytically and a high sense of urgency.
- Ability to look at all situations objectively and a love for challenging assumptions.
- Ability to work independently without supervision.
- Love for collaboration to build stronger teams and more efficient processes.
- **Desired Skills and Education:**
- Bachelor’s degree in IT, information security, or a related discipline
- Cyber security certifications, including but not limited to GPEN, CISSP, OSWE, GWAPT
Benefits:
- Medical/Rx/Dental/Vision coverage for employees and their eligible family members
- Competitive PTO and vacation policies
- 1 Friday off each month for Wellness Weekends
- Company 401(k) plan with employer contributions after one year
- Company-sponsored training and certification opportunities
- Quarterly award ceremonies where top achievers are celebrated and receive additional bonuses
- Ongoing volunteer opportunities to give back to the community through our BHG Cares program
Similar Jobs
Implementation Applications Engineer
Camino Implementation Engineer deploying engaging graphics systems for Daktronics. Working with clients worldwide to deliver impactful digital display experiences.
Application Support Engineer
Application Support Engineer providing Level 2 technical support for software-defined vehicle solutions at Cubic³. Collaborating with development teams and optimizing application performance in a fast-paced environment.
Applications Engineer, CNC
Applications Engineer at Phillips transforming technical education in CNC machining and CAM programming. Bridging the gap between raw hardware and peak manufacturing performance with expert technical support.
Senior Applications Engineer
Senior Applications Engineer collaborating with cross-functional teams to enhance product features and support customers. Engaging in hardware design and validation for high-speed connectivity solutions at NXP.
Application Support Engineer, Service Reliability Engineering
Application Support Engineer managing infrastructure solutions to ensure reliability and scalability of critical systems at Ciena. Responsibilities include incident management, performance monitoring, and automation of tasks.
Global Technical Support Engineer, Informatics Applications
Global Technical Support Informatics Applications Engineer providing technical support including hardware, software applications, and networking. Part of Beckman Coulter Life Sciences innovating in diagnostics and biotechnology.
Principal Field Application Engineer
Principal Sales Engineer at Digi International, focusing on Cellular & Managed Services solutions. Collaborating with sales, partners, and customers to design and implement connectivity solutions.
Senior Application Engineer, IT Engineering
Senior Application Engineer designing and building internal tools for Phantom's operations. Utilizing AI to automate workflows and enhance infrastructure management.
Senior Application Platform Engineer
Senior Software Engineer shaping innovative solutions at Qventus, focusing on healthcare transformation. Collaborating with diverse teams to enhance patient care through technical expertise.
Application Engineer – Mining
Application Engineer responsible for engineering activities for Conveyor Products. Offering support and troubleshooting in Arizona while leading customer projects and strategic implementations.
Senior Application Security Engineer
Senior Application Security Engineer working remotely to mature application security program. Collaborating with teams to ensure secure software development throughout the entire lifecycle.
Senior Principal Applications Engineer
Senior Principal Applications Engineer at NXP working with teams on product improvements and new features. Leading board validation and customer support issues while developing application collateral.
Application Engineer
Application Engineer providing technical packaging solutions in Meat and Dairy markets. Collaborating with customers and internal teams to enhance application performance and drive growth.
Senior Databricks Application Engineer
Senior Databricks Application Engineer designing Databricks Apps and developing data solutions remotely. Collaborating on analytics workflows and cloud integration for IT Services.
Senior Application Security Engineer
Senior Application Security Engineer at Amerisure designing and maintaining security controls for applications. Leading security monitoring and vulnerability management in a DevSecOps environment.
Full-stack AI Application Engineer
Full-stack Engineer at ThirdLaw building AI-native platform features. Working in a small team to deliver impactful solutions to ensure AI trust and safety.
Senior Application Security Engineer
Senior Application Security Engineer at RevenueCat ensuring security across web and mobile applications. Collaborating with engineering teams and external parties to create secure frameworks and support bug bounty programs.
Technology Field Application Engineer
Technology Field Application Engineer at Arrow Global Components facilitating solutions for customer designs through technical leadership and engineering investments. Partnering with sales teams and managing supplier expectations.
Application Security Engineer
Application Security Engineer responsible for embedding security in software delivery at SNHU. Collaborating with DevSecOps teams to ensure application security in various approved remote states.
Application Engineer – Europe South
Application Engineer providing technical expertise and support for Mecademic's robotic solutions. Focused on Europe South region while engaging with engineers and integrators.