Senior Engineer Application Security

Achieving our goals starts with supporting yours. Grow your career, access top-tier health and wellness benefits, build lasting connections with your team and our customers, and travel the world using our extensive route network.

Come join us to create what’s next. Let’s define tomorrow, together.

Description

We are seeking a skilled Engineer Application Security resource to help us develop solutions to automate the security compliance operation, improve application security posture management, and drive for shift-left security to reduce the vulnerabilities. The ideal candidate will have experience with application development and CI/CD pipelines, sufficient background in AWS cloud, and strong cybersecurity and tooling knowledges.

Job Overview And Responsibilities

• Implement efficient code to turn design into working solutions at high quality.
• Develop pipeline templates, software components or tools to help developers to avoid introducing security vulnerabilities into applications.
• Work closely with security standard owners, security architects and engineers, business/stakeholders to define requirements and design technical solutions to automate security control validation
• Create and document standard of operations, procedures, guidelines, or knowledge materials for optimize execution and knowledge sharing.
• Identify areas for enhancements in existing programs and subsequently developing the enhancements. Test and evaluate new programs.
• Maintain and upgrade existing systems. Continuously identify opportunities for improvement.
  
  

• Bachelors degree in computer science, engineering, information system or related field
• 4 years of solid experience in developing applications using CI/CD pipeline in cloud environment
• Proficiency in Python programming for automation and scripting
• Demonstrated experience with additional programing languages (e.g., Java, .NET, JavaScript) and shell scripting (Bash/PowerShell)
• Hands-on experience with AWS core services, including EC2, S3, Lambda, CloudWatch, and DynamoDB
• Track record of delivering high-quality code and applications within project timelines
• Experience working with CI/CD pipelines, DevSecOps practices, and configuration management tools in multi-account environments
• Familiarity with Harness or GitHub Actions for integrating security into development workflowsSolid understanding of application principles, including OWASP Top 10 security risks, SSDLC, and mitigation strategies
• Experience with security scanning tools such as Veracode, Snyk, or similar platforms
• Working knowledge of cybersecurity best practices and compliance standards
• Strong problem-solving and troubleshooting skills
• Strong communication skills, both verbal and written
• Collaborative mindset with positive team spirit and relationship building
• Strong communication skills, both verbal and written
  
  

• 3 years of coding experience with JavaScript, Java, .Net
• AWS Cloud Practitioner or equivalent
• CSSLP