Senior/Principal Application Security EngineerSenior/Principal Application Security Engineer1 week ago Be among the first 25 applicantsGet AI-powered advice on this job and more exclusive features.Stash Talent Services provided pay rangeThis range is provided by Stash Talent Services. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.Base pay range$70.00/hr - $80.00/hrTitle: Principal Application Security EngineerDuration: 12+ monthsOverview:This Principal AppSec Engineer role is a senior-level opportunity for a thought leader in application security with deep expertise in secure SDLC, secure design, and hands-on engineering. This role will drive transformational initiatives across the enterprise and be a key figure in building secure-by-design practices.Required qualifications:7+ years of Application Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education.8+ years of experience in software engineering and application security.Deep knowledge of security tooling across the CI/CD pipeline.Strong public or community contributions (e.g., conference speaking, GitHub repos, blogs)Experience leading cross-functional technical initiatives.Excellent communication and stakeholder engagement skills.Financial services background preferred but not required.Key Responsibilities:Lead development of secure design frameworks and security requirements.Execute deep technical AppSec tasks and collaborate across security and engineering teams.Evaluate and integrate SAST, SCA, DAST, and other AppSec tools (Checkmarx, Snyk, Fortify, Black Duck, Prisma, etc.).Perform secure code reviews and participate in peer security assessments.Drive early security engagement in the SDLC lifecycle.Author white papers, build proof-of-concepts, contribute to GitHub/open-source efforts.Influence leadership through clear communication of security needs and trade-offs.Desired qualifications:10+ years of experience in identifying security issues and risks, and developing mitigation plans7+ years – Development experience in more than one language (preferred Java or C#; .NET CORE development experience including the development of RESTful APIs)5+ years of automated / manual code review – secure code review, security peer review, static analysisDeep hands-on technical expertise in at least two of the following areas: network security, embedded/hardware security, cryptography, web and network protocols, data structures and algorithms, software development, threat modeling, pen tests, or vulnerability assessmentsExperience with GCP and AzureExperience with artificial intelligence, with a focus on machine learning and GenAICertifications: CISSP, CSSLP, CASP+, CASE, GSECSeniority levelSeniority levelMid-Senior levelEmployment typeEmployment typeFull-timeJob functionJob functionInformation TechnologyIndustriesBankingReferrals increase your chances of interviewing at Stash Talent Services by 2xGet notified about new Senior Application Security Engineer jobs in Charlotte Metro.We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr