We are seeking an experienced Application Security Engineer to join our team for a 4-month contract opportunity. The successful candidate will have 2-4 years of experience in embedding security across the Secure SDLC, including application security testing, WAF management, and API security. They will work closely with development teams to remediate vulnerabilities and strengthen application security in a regulated healthcare environment.
Job Description
We have a 4-month contract opportunity for a hands-on Application Security Engineer with 2–4 years of experience embedding security across the Secure SDLC, including application security testing (SAST/DAST/IAST), WAF management, and API security. They bring strong technical judgment, automation-minded problem solving, and the ability to partner closely with development teams to remediate vulnerabilities and strengthen application security in a regulated healthcare environment. 100% Remote.
Shift: 40 hours/week
MUST HAVES:
- Bachelor's degree in a quantitative or business field (e.g., statistics, mathematics, engineering, computer science). Or equivalent experience acquired through accomplishments of applicable knowledge, duties, scope and skill reflective of the level of this position.
- Application Security Testing
- Web Application Firewalls
- API Security
Preferred Experience:
- Experience with SAST, DAST, IAST, MAST, and WAF.
About this Role:
- Application Security implements and enforces the Company’s secure system development life cycle (SSDLC) standard as defined in CC.SECR.14.04.A.
- The team accomplishes this by administering the Company’s application security testing (AST) technologies and working directly with application development teams to ensure application weaknesses and identified vulnerabilities are mitigated or remediated within a standardized service level agreement (SLA).
- Key Projects: Web Application Firewall (WAF) Management, Interactive Application Security Testing (IAST) expansion, Supply Chain Security, Application Security Posture Management (ASPM), and Application Programming Interface (API) Security.
Day-to-Day (D2D) Responsibilities:
Performance expectations center around reducing security risk: meeting remediation SLAs, improving mean time to remediate, lowering the number of overdue vulnerabilities, and ensuring high coverage for scanning and reviews. You’re also measured on the accuracy of your assessments, the quality of your recommendations, and your ability to maintain a strong cloud and SaaS security posture while supporting audit and compliance requirements.
What makes this role unique is its combination of hands-on engineering and practical security analysis. It offers broad exposure—from application code to cloud infrastructure to SaaS systems—while giving you the chance to build automation that directly improves how teams work. The healthcare environment adds meaningful impact, as the work directly contributes to protecting sensitive patient data.