Cybersecurity Engineer 4

Description: The Application Cybersecurity engineer is responsible for facilitating security solutions to help software engineers build secure applications. Application Security Engineers will help development teams identify security gaps in their applications and services and assist in coming up with solutions to close those gaps and make services compliant to enterprise security requirements. Typical Day: Maintain current knowledge on existing security procedures, directives and technology controls including application testing, threat modeling, attack and penetration testing, data classification and data handling Work directly in traditional AppSec tools like SAST, SCA, and DAST to ensure that the tools are working properly and that findings are addressed and managed as defects. Understand security requirements and risk tolerance baselines Keep development teams accountable to metrics measuring risk Track existing risk statements and work with risk owners to close gaps. Technical Skills Required: Experience with relevant industry standards, such as: o ISO 27001, 27002 o NIST CSF o NIST 800-82 o ISA 62443 o SOC Reporting Experience with a wide variety of information security processes and principles, such as: Enterprise security architecture; Threat model development; Vulnerability assessment; Risk analysis; Defense in depth; SDLC and product development processes o Identity and access management; Business process design. Engineers must have the following: 3-5 years of CyberSecurity experience Familiarity with Web Application Security standards (OWASP, MITRE) Experience with application security technologies including SCA/SAST/DAST and the ability to identify false positives and assist with remediation planning Previous experience integrating security tools in CI/CD development pipelines Excellent verbal and written communications Preferred candidates should have: 5+ years Cybersecurity experience Professional certification (CISSP, CCSP, GWAPT, GWEB, AWS SA / Certified Security, etc.) 1-3 years working directly with Cloud Infrastructure as code (CFT, TF) in AWS Familiarity with ServiceNow VM and GRC modules Development of automation and scripting 3 years experience. (Desired) Web services security Desired: Professional information security certification (CISSP, CCSP, CSSLP, GISCP, GWAPT, GWEB etc) ; Strong understanding and experience with information security technologies Soft Skills Required: Excellent written and verbal communications skills; demonstrated ability to communicate highly technical security concepts to non-security audiences Ability to coordinate multiple teams in accomplishing process review and improvement Education Requirements: Bachelor's degree in Computer Science or a related field 8 or more years in information security Travel: None Required Skills : Automation Additional Skills : Controls Engineer

Created: 2026-03-04