JR Application Security Engineer

Job Description A healthcare client is looking for 2 JR level Application Security Engineers to sit fully remote. The 2 Engineers are going to be joining the DevSecOps team working alongside 9-12 developers/engineers. They will be part of an initiative of migrating all application security scanning tools into SNYK. The engineers are going to be somewhat hands on with the CICD pipelines and doing mostly regular code scanning to find any vulnerabilities. The candidates need to also have experience with understanding the ins and outs of an application scanning tools since they will be doing tons of code reviews and scanning. The engineers should have experience with Code Scanning tools such as Checkmarx or Nexus IQ. They should have full understanding of OWAS Top 10 and NIST Security Standards. The team will be moving to JIRA and have a more Agile SAFe approach and an on-call schedule that will be rotated. Breaking it down u2013 this will be about 30% development and 70% code reviews. We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: Skills and Requirements 2-4 years of experience working as an Application Security Engineer Experience with various SAST tools - Nexus IQ, CheckMarx, SNYK (primarily) Experience with GitHub Actions Ability to work with developers & talk through vulnerabilities in their code SAST/DAST/SCA Terraform Experience building out CICD pipelines MAST - Mobile Application Security

Created: 2026-04-20