Senior Application Security Engineer

Enact Holdings•Raleigh, NC

4d•Hybrid

About The Position

At Enact, we understand that there’s no place like home. That’s why we bring our deep expertise, insightful offerings, and extra mile service to work every day to help lenders put more people in homes and keep them there. We’re looking for a Senior Application Security Engineer in Raleigh, NC to join us in fulfilling our mission, while utilizing our values of excellence, improvement, and connection. In this role, you will contribute to advanced application, cloud, and AI security through threat modeling, secure design reviews, and AI security governance while functioning as one of two technical peers to product teams to accelerate secure delivery and mitigate technical risk in production environments. LOCATION Enact Headquarters, Raleigh, NC – Hybrid Schedule

Requirements

Bachelor’s degree in computer science, cybersecurity, information technology, or a related field.
7+ years of experience in application security, including securing custom-built, cloud-native, and distributed systems.
Strong understanding how to assess and secure web services including application programming interfaces.
Strong understanding how to assess and secure artificial intelligence solutions.
Demonstrated technical leadership and mentorship, with the ability to guide engineers and security practitioners through secure design and risk mitigation.
Strong risk-based and data-informed approach to prioritizing security work based on impact, likelihood, and business context.
Clear understanding of business objectives and delivery pressures, with the ability to align security architecture and recommendations to operational efficiency, customer trust, and regulatory expectations.
Offensive Security Certified Expert (OSCE).

Nice To Haves

AWS Certified Security - Specialty and/or CSA Trusted AI Safety Expert (TAISE)
Experience securing serverless, function-oriented, and event-driven cloud workloads, CI/CD pipelines, and infrastructure-as-code, i.e., Terraform.
Strong proficiency in Python for security automation, analysis, and tooling.

Responsibilities

Provide advanced application, cloud, and AI security leadership by embedding security expertise directly into software architecture, design, and development workflows.
Secure the organization’s use of AI and agentic AI by guiding safe design, privacy controls, model usage, and AI-assisted development practices.
Lead advanced application security activities, including threat modeling, secure design reviews, penetration testing, and remediation guidance for internally developed and customer-facing systems.
Function as an application security architecture peer to product team subject matter experts, enabling informed challenge and collaboration without slowing delivery.
Elevate the effectiveness of the security team through technical mentorship, durable ownership of critical platforms, and reduction of keyperson and vendor dependency.