Application Security Engineer
Salary undisclosed
Date Posted: 03/12/2025
Hiring Organization: Rose International
Position Number: 479541
Job Title: Application Security Engineer
Job Location: Tempe, AZ, USA, 85288
Work Model: Hybrid
Shift: Hybrid role: 4 days/week in the office, 1 day work from home
Employment Type: Temporary
Estimated Duration (In months): 6
Min Hourly Rate($): 70.00
Max Hourly Rate($): 80.00
Must Have Skills/Attributes: Analysis, Application Security, Security, Testing, Vulnerability
Nice To Have Skills/Attributes: Java, Python
Job Description
***Only qualified Application Security Engineer candidates located near the Tempe, AZ area will be considered, because the position requires an onsite presence***
Required Education:
o Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience)
Preferred Certifications:
o Relevant security certifications (e.g., OSCP, OSWE, GWAPT, CEH) are highly desirable
Required Skills:
o 5+ years of experience in Application Security, Secure Development, DAST, and SAST
o Hands-on experience with DAST tools such as Invicti (Netsparker), AppScan, Burp Suite, Acunetix
o Experience with SAST tools like Veracode and Fortify
o Experience with Burp Suite performing manual testing
o Strong knowledge of web security vulnerabilities (OWASP Top 10, SANS 25, MITRE ATT&CK)
o Scripting skills (Python, Bash, PowerShell) to automate security tasks
o Software development experience in Java, .NET, Python, or similar languages
o Familiarity with secure software development life cycle (SSDLC) and CI/CD pipelines
Preferred Experience:
o Experience with cloud security (AWS, Azure, Oracle Cloud) is a plus
Key Responsibilities:
Application Security Testing & Analysis:
o Conduct DAST scans using Invicti to identify vulnerabilities in applications
o Conduct SAST scans using Veracode to identify vulnerabilities in source code
o Conduct SCA scans using Veracode to identify vulnerabilities in open source components
o Compare SAST and DAST results to ensure comprehensive vulnerability coverage
o Analyze scan results, identify root causes, and collaborate with developers to implement effective remediations
o Work with CI/CD pipelines to integrate security testing into DevOps workflows
o As needed, conduct manual verification and secondary authenticated scans using Burp Suite to reduce false negatives
Software Development & Secure Coding Knowledge:
o Understand and evaluate vulnerabilities in Java, .NET, Python, and other application codebases
o Work with development teams to remediate security flaws in source code and follow secure coding practices
o Provide guidance on OWASP Top 10 and SANS 25 vulnerabilities, including how they arise, how to exploit them, and how to prevent them
Vulnerability Management & Compliance:
o Ensure required DAST, SAST, and SCA release and periodic scanning is occurring and that scans and findings are addressed within SLA
o Review and approve false positives and mitigated-by-design requests for DAST, SAST, and SCA
o Review and approve SDLC tasks (MME and SbD Client processes) for DAST, SAST, and SCA
o Maintain compliance with NIST, PCI-DSS, FFIEC, SOX, CIS security frameworks
Security Collaboration & Process Improvement:
o Automate security scanning processes and improve reporting capabilities
Benefits:
For information and details on employment benefits offered with this position, please visit here. Should you have any questions/concerns, please contact our HR Department via our secure website.
California Pay Equity:
For information and details on pay equity laws in California, please visit the State of California Department of Industrial Relations' website here.
Rose International is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender (expression or identity), national origin, arrest and conviction records, disability, veteran status or any other characteristic protected by law. Positions located in San Francisco and Los Angeles, California will be administered in accordance with their respective Fair Chance Ordinances.
If you need assistance in completing this application, or during any phase of the application, interview, hiring, or employment process, whether due to a disability or otherwise, please contact our HR Department.
Rose International has an official agreement (ID #132522), effective June 30, 2008, with the U.S. Department of Homeland Security, U.S. Citizenship and Immigration Services, Employment Verification Program (E-Verify). (Posting required by OCGA 13/10-91.)
- **Only those lawfully authorized to work in the designated country associated with the position will be considered.**
- **Please note that all Position start dates and duration are estimates and may be reduced or lengthened based upon a client's business needs and requirements.**
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.