Application Security Engineer

Description: We are looking for an Application Security Engineer to join our growing Information Security team. In this role, you'll collaborate with development, DevOps, and security teams to help build secure software at every stage of the SDLC. Your work will directly contribute to the protection of sensitive data, systems, and client trust across our digital landscape. Job Duties: Partner with application delivery and DevOps teams to embed security into the SDLC and perform or facilitate the following functions: Conduct secure code reviews and perform SAST, DAST, and manual security assessments. Perform threat modeling and risk analysis for new and existing application architectures. Define, implement, and automate application security testing in CI/CD pipelines. Deploy and manage tools such as Snyk, Veracode, OWASP ZAP, Burp Suite, and Checkmarx. Provide actionable remediation guidance to developers and promote secure coding best practices. Deliver targeted security training sessions for development and engineering teams. Assist with incident response for application-related security events, including root cause analysis and follow-up improvements. Monitor and ensure adherence to industry frameworks and standards (e.g., OWASP, NIST, PCI-DSS). Define and maintain secure development policies and reference architectures. Stay ahead of emerging threats, zero-day vulnerabilities, and innovative security solutions. Research and recommend new tools and practices to strengthen our application security posture. QualificationsEducation: Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience). Experience: 3-5 years of experience in application security, software development, or DevSecOps roles. Hands-on experience with application security tools such as Snyk, Veracode, OWASP ZAP, Burp Suite, Checkmarx or similar tools. Technical Skills: Strong knowledge of web and mobile app vulnerabilities (e.g., OWASP Top Ten, CWE). Experience with at least one programming/scripting language (Python, Java, JavaScript, etc.). Proficiency in integrating security into CI/CD pipelines and DevOps workflows. Familiarity with cloud-native architectures and container security is a plus. Understanding of AI/ML security risks, including prompt injection, model misuse, data leakage, and secure API integrations. Soft Skills: Strong analytical and problem-solving skills. Excellent verbal and written communication skills. Ability to explain technical risks to non-technical stakeholders. Preferred Qualifications (not mandatory): Knowledge of containerization and orchestration platforms (Docker, Kubernetes). Experience securing AI/ML workloads or AI-enabled applications is a plus. Relevant security certifications (e.g., GIAC GCSA, GIAC GWAPT, GIAC WEB, CSSLP, CEH or similar) are a plus. What We Offer: A collaborative, security-first culture Opportunities to lead security initiatives and influence engineering practices Ongoing professional development and certification support The base salary range for this position is $95,000 - $135,000 per year. This range reflects the minimum and maximum base salary we reasonably expect to pay for this role. In addition, this position may be eligible to participate in the relevant business unit's incentive compensation plan, and other compensation programs as applicable. Eligible employees may participate in a 401(k) program with a generous profit-sharing contribution, medical, prescription dental, and vision coverage; life insurance; disability coverage; paid holidays; vacation; and sick time, subject to plan terms and Company policies. About Bessemer Trust Bessemer Trust is a family office, overseeing $250 billion in assets for 3,000 individuals and families of substantial wealth. Its more than 1,300 employees are singularly focused on private wealth management - disciplined investment management, sophisticated wealth planning, comprehensive family office services, and highly personalized client service. Established in 1907 as the family office for Annie and Henry Phipps, Bessemer Trust is in its seventh generation of ownership by the Phipps family. As a self-made entrepreneur, Henry Phipps was a founding partner and chief financial officer of Carnegie Steel. Bessemer Trust retains its original focus as a privately owned and independent wealth manager deeply committed to its mission of providing peace of mind to its clients. Bessemer's adherence to putting clients' interests first, fiduciary mindset, and highly collaborative culture are at the heart of everything the firm does. Key Facts: For 119 years, Bessemer Trust has operated continuously in a single line of business, independently owned by one family. Headquartered in New York's Rockefeller Center, Bessemer Trust has 22 offices in total. Woodbridge, NJ, is one of the firm's largest offices, which hosts a wide range of technology and operations professionals. In addition to its sizable presence in New York and Woodbridge, the firm provides client service through offices in Atlanta, Boston, Chicago, Dallas, Delaware, Denver, Garden City, Grand Cayman, Greenwich, Houston, Los Angeles, Miami, Naples, Nevada, Palm Beach, San Diego, San Francisco, Seattle, Stuart, and Washington, D.C. To watch a video about Bessemer Trust's history, click here. To learn more about Bessemer Trust, click here. About Our Employee Rewards and Benefits: We provide exceptional rewards and benefits that are among the best in the industry, giving our people access to a wide range of options, including: Competitive base salary plus discretionary annual bonus for select positions A 401(k) plan with a generous annual profit-sharing contribution Personalized development and career opportunities, including tuition reimbursement support Comprehensive medical, dental, and vision plans with zero contributions for employee coverage Employee assistance (EAP) and wellness programs Hybrid work environment: 60% in office, 40% remote for most positions Paid time off and paid parental leave Employer-paid life insurance and short- and long-term disability coverage Legal services and financial wellness plans at no cost to employees Bessemer Trust is committed to creating a diverse and inclusive environment and is proud to be an equal opportunity employer. We encourage candidates of diverse backgrounds to apply.

Created: 2026-03-17