Contract consulting opportunity for an experienced Application Security Engineer Client requirements: * Local to Minneapolis, MN area preferred (onsite 1-2 days) * Work authorization status: US ...
AppFolio
62 Appfolio Application Security Engineer Jobs Hiring Near You
Contract consulting opportunity for an experienced Application Security Engineer Client requirements: * Local to Minneapolis, MN area preferred (onsite 1-2 days) * Work authorization status: US ...
$58.75 - $78.50/hr
Rubrik is seeking an Application Security Engineer. In this role, you will be responsible for ensuring that Rubrik's products and services are designed and implemented to the highest possible ...
$58.75 - $78.50/hr
Rubrik is seeking an Application Security Engineer. In this role, you will be responsible for ensuring that Rubrik's products and services are designed and implemented to the highest possible ...
AppFolio Jobs Information
What are the key skills and qualifications needed to thrive as an Application Security Engineer, and why are they important?
To thrive as an Application Security Engineer, you need a solid background in software development, cybersecurity fundamentals, and vulnerability assessment, often supported by a degree in computer science or a related field. Familiarity with tools such as static and dynamic application security testing (SAST/DAST), penetration testing frameworks, and relevant certifications like CISSP or CEH is common. Attention to detail, problem-solving abilities, and strong communication skills help you effectively identify risks and collaborate with development teams. These skills are crucial for safeguarding applications against evolving threats and ensuring secure software delivery.
What are some common challenges faced by Application Security Engineers when integrating security into the software development lifecycle?
Application Security Engineers often encounter challenges such as balancing security requirements with development speed, ensuring all team members understand secure coding practices, and keeping up with evolving threats. They frequently work closely with developers, DevOps, and QA teams to embed security controls without disrupting workflows. Overcoming these challenges requires strong communication skills, a deep understanding of both security and software development, and the ability to advocate for security as a shared responsibility across the organization.
What does an Application Security Engineer do?
An Application Security Engineer is responsible for identifying and mitigating security vulnerabilities in software applications throughout their development lifecycle. They work closely with developers to ensure secure coding practices, conduct security assessments and code reviews, and implement tools for threat detection and prevention. Their primary goal is to protect applications from threats such as data breaches, unauthorized access, and other forms of cyber attacks. They also stay updated on the latest security trends and compliance requirements to keep applications safe.
What is the difference between Application Security Engineer vs Security Analyst?
| Aspect | Application Security Engineer | Security Analyst |
|---|---|---|
| Certifications | CEH, CISSP, OSCP | CISSP, Security+ |
| Work Environment | Develops security measures, reviews code, tests applications | Monitors security systems, investigates incidents, analyzes threats |
| Industry Usage | Tech companies, software firms, organizations with strong app focus | Broad sectors including finance, healthcare, government |
Application Security Engineers focus on securing software applications through code review, vulnerability testing, and implementing security measures. Security Analysts monitor and analyze security threats, respond to incidents, and maintain security systems. While both roles require security certifications and work in security-focused environments, Application Security Engineers are more involved in the development and testing of secure applications, whereas Security Analysts focus on threat detection and incident response.
What other companies are hiring for Application Security Engineer jobs?
What are the most popular jobs at Appfolio?
What are the most popular categories at Appfolio?
$75 - $110/hr
Other
Medical, Dental, Retirement
Posted 8 days ago
Job description
Contract consulting opportunity for an experienced Application Security Engineer
Client requirements:
Seeking a highly motivated Senior Application Security Engineer to support and advance enterprise AI security initiatives across engineering and cybersecurity. You will partner closely with engineering teams to evaluate emerging AI security practices, assess secure development standards, and operationalize tooling that improves the security posture of AI-enabled applications and platforms.
The ideal candidate will have strong experience in application security, secure software development practices, CI/CD pipeline integrations, and vulnerability discovery techniques. This individual will help evaluate and implement modern AI security tooling, perform secure code reviews, validate dynamic application security testing results, and contribute to the development of scalable security controls for AI systems. Key Responsibilities:
Client requirements:
- Local to Minneapolis, MN area preferred (onsite 1-2 days)
- Work authorization status: US Citizen or GC holder
- W2 hourly only - no corp to corp
Seeking a highly motivated Senior Application Security Engineer to support and advance enterprise AI security initiatives across engineering and cybersecurity. You will partner closely with engineering teams to evaluate emerging AI security practices, assess secure development standards, and operationalize tooling that improves the security posture of AI-enabled applications and platforms.
The ideal candidate will have strong experience in application security, secure software development practices, CI/CD pipeline integrations, and vulnerability discovery techniques. This individual will help evaluate and implement modern AI security tooling, perform secure code reviews, validate dynamic application security testing results, and contribute to the development of scalable security controls for AI systems. Key Responsibilities:
- Partner with AI engineering and cybersecurity teams to evaluate and implement AI security best practices, tooling, and operational processes.
- Conduct secure code reviews across applications, APIs, automation workflows, and AI-enabled services.
- Evaluate and validate results from dynamic application security testing (DAST), software composition analysis (SCA), and vulnerability discovery platforms.
- Assist in integrating security controls and automated testing into CI/CD pipelines.
- Research and assess emerging AI vulnerability discovery tools and AI-specific security testing methodologies.
- Analyze application and infrastructure vulnerabilities, prioritize remediation recommendations, and partner with engineering teams on mitigation strategies.
- Support threat modeling and security design reviews for AI and machine learning systems.
- Collaborate with engineering teams to improve secure development lifecycle (SDLC) practices.
- Develop documentation, standards, and repeatable processes related to AI application security and vulnerability management.
- Participate in proof-of-concept evaluations for new security technologies and AI security capabilities.
- 4+ years of experience in application security, cybersecurity engineering, software engineering, or related technical security roles.
- Strong understanding of secure coding principles and common application vulnerabilities.
- Experience performing secure code reviews in one or more modern programming languages.
- Familiarity with CI/CD pipelines and automated security testing integrations.
- Experience with dynamic application security testing (DAST) tools and vulnerability assessment methodologies.
- Understanding of OWASP Top 10, API security risks, and secure software development lifecycle practices.
- Experience analyzing and validating vulnerability findings from automated security tools.
- Strong analytical and problem-solving skills with the ability to communicate technical findings clearly.
- Bachelor's degree in Computer Science, Cybersecurity, Information Systems, Engineering, or equivalent practical experience.
- Experience working in enterprise-scale DevSecOps environments.
- Familiarity with AI security frameworks, adversarial testing concepts, or AI vulnerability discovery tooling.
- Familiarity with cloud security practices across AWS, Azure, or GCP.
- Knowledge of software composition analysis (SCA), static application security testing (SAST), and runtime security tools.
- Relevant industry certifications such as CISSP, CSSLP, OSCP, GSEC, or GIAC application security certifications.
About ITR Group
Sourced by ZipRecruiter
At ITR Group, we relish the challenge of the ever evolving IT services industry and enjoy being the strategic edge that’s key to our clients’ success. At the same time, we want our consultants to know they have an advocate and a home base. As one of the region’s longest lasting IT consulting groups, these are all elements of our secret sauce, the Everyday Excellence that has helped us thrive.
Industry
It services
Company size
1 - 10 Employees
Headquarters location
Mendota Heights, MN, US
Year founded
1997