ZipRecruiter

Log In

1

Appsec Jobs (NOW HIRING)

Techno-Comp, Inc.

Cyber Security Engineer

Boston, MA · On-site

Implement AppSec practices across SDLC * Experience with SAST| DAST| SCA tools * Perform threat modeling and secure design reviews * Conduct secure code reviews * Analyze vulnerabilities for ...

East West Bank

Senior Security Engineer AppSec

Dallas, TX · On-site

$130K/yr

Lead bi-weekly AppSec Management Update & Post-Finding Review Training meetings * May perform other duties as assigned Qualifications * 3+ years of experience in application security, DevSecOps, or ...

Public Partnerships LLC

AppSec & DevSecOps Engineer

$60.25 - $80.25/hr

Job Summary We are seeking an experienced and proactive Application Security (AppSec) and DevSecOps Engineer to embed security throughout the software development lifecycle and CI/CD pipelines. You ...

Capgroup

AI AppSec Engineer Lead

Irvine, CA · On-site

$63 - $84.25/hr

Access on-demand professional development resources that allow you to hone existing skills and learn new ones "I can succeed as a AI AppSec Engineer Lead at Capital Group" As a LeadAIAppSecEngineer ...

Capgroup

AI AppSec Engineer Lead

Charlotte, NC · On-site

$57.50 - $76.75/hr

Access on-demand professional development resources that allow you to hone existing skills and learn new ones "I can succeed as a AI AppSec Engineer Lead at Capital Group" As a LeadAIAppSecEngineer ...

Capgroup

AI AppSec Engineer Lead

Los Angeles, CA · On-site

$63.25 - $84.50/hr

Access on-demand professional development resources that allow you to hone existing skills and learn new ones "I can succeed as a AI AppSec Engineer Lead at Capital Group" As a LeadAIAppSecEngineer ...

next page

Showing results 1-20

All JobsAppsec Jobs

Appsec information

Can you make $500,000 a year in cyber security?

AppSec professionals can potentially earn $500,000 annually, especially with senior roles, extensive experience, specialized skills, and certifications like CISSP or OSCP. High salaries are often found in large organizations, consulting, or leadership positions such as security directors or chief information security officers. Achieving this level typically requires years of experience and a strong track record in cybersecurity.

What job makes $10,000 a month without a degree?

In cybersecurity, roles such as penetration testers or security consultants can earn $10,000 or more per month, especially with specialized skills, certifications like CISSP or OSCP, and experience. These positions often require hands-on expertise, knowledge of security tools, and continuous learning but do not always require a formal degree.

What does an AppSec team do?

An AppSec (Application Security) team is responsible for identifying and fixing security vulnerabilities in software applications. They conduct code reviews, perform security testing, and implement security best practices to protect applications from cyber threats, often using tools like static and dynamic analysis software. Their work helps ensure the confidentiality, integrity, and availability of software systems throughout the development lifecycle.

Will AI replace AppSec engineers?

AI can automate certain tasks in application security, such as vulnerability scanning and code analysis, but AppSec engineers are essential for designing security strategies, interpreting complex threats, and implementing security measures. AI tools serve as supplements to human expertise rather than replacements, and skills in security principles, coding, and tool usage remain critical for the role.

What is the difference between Appsec vs Security Analyst?

AspectAppsecSecurity Analyst
Required CredentialsCertifications like CISSP, CEH, OSCP; knowledge of secure codingCertifications such as Security+, CISSP; threat analysis skills
Work EnvironmentDevelopment teams, secure coding practices, application testingMonitoring security systems, incident response, risk assessment
Employer & Industry UsageTech companies, software firms, organizations with application security needsAll industries, including finance, healthcare, government, focusing on security monitoring

Appsec professionals focus on securing applications through secure coding, testing, and vulnerability management, while Security Analysts monitor and respond to security threats across systems. Both roles require security certifications and work in overlapping environments, but their core responsibilities differ in scope and focus.

More about Appsec jobs
What cities are hiring for Appsec jobs? Cities with the most Appsec job openings:
What states have the most Appsec jobs? States with the most job openings for Appsec jobs include:
What job categories do people searching Appsec jobs look for? The top searched job categories for Appsec jobs are:
Appsec jobs near you
Infographic showing various Appsec job openings in the United States as of June 2026, with employment types broken down into 98% Full Time, and 2% Contract. Highlights an 72% Physical, 5% Hybrid, and 23% Remote job distribution.

Senior Application Security Engineer - Vulnerability Operations

2T Consulting

Jersey City, NJ

$61.25 - $82/hr

Full-time

Posted 17 days ago

Job description

Roles and Responsibilities

1. Strategic AppSec Leadership

  • Drive enterprise-wide implementation of Application Security controls across CI/CD pipelines.
  • Partner with AppSec Champions to embed secure development practices and improve security adoption.
  • Define and manage tiered security control strategy (Tier 1–3) with quarterly migration goals.
  • Enable decentralized security ownership across engineering teams.

2. Vulnerability & Threat Management

  • Lead triage, analysis, and remediation of complex and high-risk vulnerabilities.
  • Serve as SME for modern threat classes including cloud-native risks, APIs, supply chain, containers, serverless, and emerging OWASP categories.
  • Perform threat modeling and security design reviews for critical applications.
  • Provide escalation support for advanced AppSec issues.

3. CI/CD Security & Automation

  • Architect and enhance CI/CD security integrations (SAST, DAST, SCA, secrets, IaC scanning).
  • Implement policy-as-code and automated security gating (merge/build prevention).
  • Develop reusable security automation frameworks and pipeline modules.

4. Governance & Reporting

  • Build dashboards, KPIs, and risk scorecards using tools like Power BI or Grafana.
  • Lead vulnerability governance forums and executive reporting on security posture and trends.
  • Manage risk registers, remediation tracking, and quarterly program alignment.

5. Enablement & Continuous Improvement

  • Mentor AppSec engineers and support security champion enablement programs.
  • Evaluate scanning outputs, reduce false positives, and improve detection quality.
  • Continuously enhance AppSec processes, tools, and onboarding workflows.
  • Stay current with emerging threats and security trends.
Required Qualifications
  • Bachelor’s or Master’s degree in Computer Science, Cybersecurity, or related field.
  • 7+ years of experience in Application Security, Vulnerability Management, or Secure SDLC.
  • Strong expertise in secure design, threat modeling, exploit analysis, and remediation strategies.
  • Hands-on experience with CI/CD security tooling (SAST, DAST, SCA, secrets, IaC scanning).
  • Proven experience working with engineering teams to drive AppSec adoption and governance.
  • Ability to analyze vulnerability trends and emerging/zero-day threats.
Preferred Qualifications
  • Cloud security experience across AWS, Azure, or GCP.
  • Certifications such as CISSP, CSSLP, OSCP, OSWE, GWAPT, or equivalent.
  • Experience with policy enforcement tools (OPA/Gatekeeper).
  • Knowledge of software supply chain security (SLSA, SBOM).
  • Experience building AppSec Champion or federated security models.

Apply