Application Security Engineer (Middle) ID71671

AgileEngine•Downey, CA

7d•Hybrid

About The Position

We are looking for a Middle Application Security Engineer to execute hands-on DevSecOps work across CI/CD pipeline security integration, vulnerability management tooling, and automated hardened baseline deployment within a large-scale financial services security program. You will write Python scripts to integrate SAST, DAST, and SCA gates into CI/CD pipelines, tune scanning tools to reduce false positives, and provide code-level remediation guidance to Java and Python development teams. The role requires 3–5 years of combined software engineering and AppSec experience.

Requirements

3–5 years of commercial experience blending software engineering and DevSecOps/AppSec
Solid coding proficiency in Python for automation and scripting
Ability to comfortably read and navigate Java source code
Working knowledge of modern CI/CD orchestration tools
Practical experience interacting with vulnerability scoring frameworks
Ability to operate with minimal supervision on day-to-day execution and reliably complete complex scripting and integration tasks
Upper-intermediate English level

Nice To Haves

Hands-on experience with CNAPP or ASPM platforms such as Wiz
Basic understanding of application threat modeling

Responsibilities

Write and maintain the scripts necessary to integrate security gates such as SAST, DAST, and SCA into CI/CD pipelines
Continuously tune and configure existing security scanning tools to eliminate false positives and deliver high-confidence alerts
Assist in coding and deploying automated hardened baselines and secure coding patterns
Work directly with product development teams to provide actionable, code-level remediation guidance in Java and Python