Senior/principal application security engineer

Senior/Principal Application Security Engineer


Senior/Principal Application Security Engineer

1 week ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.


Stash Talent Services provided pay range

This range is provided by Stash Talent Services. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.


Base pay range

$70.00/hr - $80.00/hr

Title: Principal Application Security Engineer

Duration: 12+ months

Overview:

This Principal AppSec Engineer role is a senior-level opportunity for a thought leader in application security with deep expertise in secure SDLC, secure design, and hands-on engineering. This role will drive transformational initiatives across the enterprise and be a key figure in building secure-by-design practices.

Required qualifications:

* 7+ years of Application Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education.
* 8+ years of experience in software engineering and application security.
* Deep knowledge of security tooling across the CI/CD pipeline.
* Strong public or community contributions (e.g., conference speaking, GitHub repos, blogs)
* Experience leading cross-functional technical initiatives.
* Excellent communication and stakeholder engagement skills.
* Financial services background preferred but not required.

Key Responsibilities:

* Lead development of secure design frameworks and security requirements.
* Execute deep technical AppSec tasks and collaborate across security and engineering teams.
* Evaluate and integrate SAST, SCA, DAST, and other AppSec tools (Checkmarx, Snyk, Fortify, Black Duck, Prisma, etc.).
* Perform secure code reviews and participate in peer security assessments.
* Drive early security engagement in the SDLC lifecycle.
* Author white papers, build proof-of-concepts, contribute to GitHub/open-source efforts.
* Influence leadership through clear communication of security needs and trade-offs.

Desired qualifications:

* 10+ years of experience in identifying security issues and risks, and developing mitigation plans
* 7+ years – Development experience in more than one language (preferred Java or C#; .NET CORE development experience including the development of RESTful APIs)
* 5+ years of automated / manual code review – secure code review, security peer review, static analysis
* Deep hands-on technical expertise in at least two of the following areas: network security, embedded/hardware security, cryptography, web and network protocols, data structures and algorithms, software development, threat modeling, pen tests, or vulnerability assessments
* Experience with GCP and Azure
* Experience with artificial intelligence, with a focus on machine learning and GenAI
* Certifications: CISSP, CSSLP, CASP+, CASE, GSEC


Seniority level

* Seniority level

Mid-Senior level


Employment type

* Employment type

Full-time


Job function

* Job function

Information Technology
* Industries

Banking

Referrals increase your chances of interviewing at Stash Talent Services by 2x

Get notified about new Senior Application Security Engineer jobs in Charlotte Metro.

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr