Information Security / Application Security Engineer

This position is posted by Jobgether on behalf of a partner company. We are currently looking for an Information Security / Application Security Engineer in the United States.

This role offers an exciting opportunity to bridge the gap between software development and security in a high-impact engineering environment. You will work closely with development teams to integrate security practices into the software development lifecycle, implement automation for security checks, and support the scaling of the organization’s security posture. This position combines hands-on technical work with collaboration across engineering, infrastructure, and compliance teams to drive secure, compliant, and resilient software solutions. You will contribute directly to initiatives supporting SOC 2, ISO 27001, and FedRAMP compliance while shaping the company’s application security strategy.

• Accountabilities:
• Embed security into the SDLC by reviewing architecture, code, and CI/CD pipelines for potential vulnerabilities.
• Collaborate with developers to implement secure authentication, authorization, and secrets management practices.
• Design and roll out software development security controls and automate security evidence collection for compliance frameworks.
• Support vulnerability management, risk assessments, and security incident response within engineering projects and new deployments.
• Integrate and maintain security tooling for static analysis, dependency scanning, container security, and policy enforcement.
• Work closely with IT and infrastructure teams to ensure endpoint hardening, identity, and access controls are effective.
• Requirements:
• 3+ years of professional software engineering experience using Python, Go, Java, or similar languages.
• Solid understanding of application security fundamentals, including authentication, encryption, input validation, secrets management, and secure APIs.
• Familiarity with modern DevOps and cloud environments, particularly GCP.
• Experience with CI/CD systems such as GitHub Actions, GitLab CI, and integrating security tooling.
• Strong collaboration skills, able to balance pragmatism and security when working with engineering teams.
• Preferred: Exposure to security compliance frameworks (SOC 2, ISO 27001, FedRAMP) and hands-on experience with tools like HashiCorp Vault, Snyk, Trivy, or Open Policy Agent.
• Preferred: Experience in cloud-native environments (Kubernetes, Terraform, Infrastructure-as-Code security) and relevant certifications such as CSSLP, GCSA, or OSWE.
• Benefits:
• Competitive US-based salary with potential performance-based bonuses.
• Flexible working arrangements, including hybrid and fully remote options.
• Comprehensive health, dental, and vision coverage.
• Professional development support including training, certifications, and skill growth opportunities.
• Collaborative, inclusive, and values-driven culture emphasizing continuous learning and cross-functional teamwork.
• Access to wellness programs and resources supporting work-life balance and overall well-being.
  
  

Jobgether is a Talent Matching Platform that partners with companies worldwide to efficiently connect top talent with the right opportunities through AI-driven job matching.

When you apply, your profile goes through our AI-powered screening process designed to identify top talent efficiently and fairly.

🔍 Our AI evaluates your CV and LinkedIn profile thoroughly, analyzing your skills, experience, and achievements.

📊 It compares your profile to the job’s core requirements and past success factors to determine your match score.

🎯 Based on this analysis, we automatically shortlist the three candidates with the highest match to the role.

🧠 When necessary, our human team may perform an additional manual review to ensure no strong profile is missed.

The process is transparent, skills-based, and free of bias — focusing solely on your fit for the role. Once the shortlist is completed, we share it directly with the company that owns the job opening. The final decision and next steps (such as interviews or additional assessments) are then made by their internal hiring team.

Thank you for your interest!

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.