Lead Application Security Engineer - REMOTE

Application Security Engineer - REMOTE HQ is in Minneapolis - St Paul, MN Direct Hire: Targeting $130,000 - $160,000 Base salary range DOQ Our direct and long-time client - established, very profitable ( coming off record years ! ) is in the infant stages of enterprise / product / operational Transformation! They are in the infant stage of building a brand new SaaS / Cloud platform that will their customers '' one stop shop '' access point. The CISO is looking to hire a confident Application Security Engineer who has proven experience '' building processes, tools, pipelines, etc. from scratch '' . This will NOT be a operations, keep lights on role. This Lead level Application Security Engineer will have dotted line to this new Product Engineering division and responsible for the training, coaching and collaboration with their SW Engineers to deliver Secure coding practices throughout the development of this new platform. Looking for a Lead level Application Security Engineer who is technically savvy but also self-starting, confident and able to build from scratch. This new platform will be on Azure Cloud and is mostly a Microsoft shop, however, coding languages, tools, architecture, etc. are all up for discussion at this point. * Application Development with focus on security on Java, .Net, AngularJS, Python, JavaScript, open-source languages, and frameworks * OWASP Top 10 and vulnerabilities and remediation technics * Secure-by-Design and Secure-Coding approaches and techniques * Threat Modeling, API Security testing, and knowledge on container security * Preferably experience with setting up Secure Cloud configurations (Azure, AWS etc.) * Preferred having security related certification - CISSP, CCSP, GSEC, SANS GIAC or equivalent. * The ability to be on the leading edge of SaaS driven technology solutions Responsibilities: * Conduct Threat Modeling on various components of application solutions. * Hands-on coding on various security use cases into developers'' unit, integration, Selenium, and API testing. * Perform security testing via Static, Dynamic or Interactive tools and rule-out false positives. * Collaborate with DevOps engineers and be hands-on on developing security features/ controls/ tests as infrastructure-as-code in CI/CD pipeline. * Review, analyze, and help on re-test various Pen Testing items. * Provides appropriate security guidance and answer technical and procedural questions for less experience team members; teaching improved processes and mentoring of team members knowledge transfer to design and implement appropriate safeguards. About Infinity Consulting Solutions At Infinity Consulting Solutions our mission is to cultivate successful long term relationships with candidates and clients matching the right candidate with the right client. We believe technology cannot replace the real personal relationships we cultivate. We reject the notion that technology alone is the answer to staffing which is why we our successful partnerships rely on collaboration NOT automation. ICS has been providing flexible staffing solutions for over 20 years in Information Technology, Compliance, Accounting / Finance and Corporate Support. Our staffing solutions include Contract, Temp to Perm and Permanent Placement. ICS is an Equal Opportunity Employer.

Created: 2025-09-06