Partner with distributed engineering teams to provide AppSec expertise, improve security guidance, and boost the overall security posture of a large-scale environment serving 400+ million users.
Key Highlights
Technical Skills Required
Benefits & Perks
Job Description
Job Title: Application Security Engineer (Contract)
Location: Fully Remote, US, EST
W2 ONLY – we are not able to sponsor for this role
Job Summary:
Clients is looking for a seasoned Application Security Engineer to strengthen its product security program. In this role, you’ll partner with distributed engineering teams to provide AppSec expertise, improve security guidance, and boost the overall security posture of a large-scale, fast-moving environment serving 400+ million users.
Responsibilities:
• Provide security guidance aligned with modern best practices and frameworks like OWASP.
• Lead and support Threat Modeling sessions and broader security education across teams.
• Drive cross-functional efforts to enhance the security of clients engineering ecosystem.
• Oversee adoption and tuning of security tools (including SAST) and optimize detections.
• Develop and codify reusable security guidance for engineers.
Qualifications:
• 5+ years of hands-on application security experience.
• Strong knowledge of OWASP Top 10 (Web + API required; Mobile and LLM are a plus).
• Skilled in Threat Modeling and building Threat Modeling practices.
• Ability to read and tune SAST findings across Java, Python, Scala, C++, and TypeScript; CodeQL/QL query experience preferred.
• Comfortable writing code to integrate and automate security tools.
• Excellent communication and security evangelism skills; able to influence and teach diverse technical audiences.