Application Security Engineer

As an Application Security Engineer you will perform application security testing on web applications, mobile applications, microservices, infrastructure code, and open source code in order to expose weaknesses in their design and/or configuration that make them susceptible to exploitation.  

You will work closely with development teams, product managers, and other members of the information security team to assess risks, conduct security reviews, and recommend steps for the remediation of identified vulnerabilities. You will educate development engineers on secure coding practices and contribute to overall application security awareness.

3-5 years of proven experience in application security testing, including Dynamic Application Security Testing (DAST), Static Application Security Testing (SAST), Open Source Security (OSS) testing, Software Composition Analysis (SCA), Infrastructure as Code (IAC).  

Bachelor’s Degree, ideally in a technically related field (Computer Science, Information Technology, Software Engineering), or equivalent work experience.

Relevant certifications: EC-Council Certified Application Security Engineer (C|ASE), (ISC)2 Certified Secure Software Lifecycle Professional (CSSLP), GIAC Web Application Penetration Tester (GWAPT)

Experience testing web applications for OWASP Top Ten security vulnerabilities.

A thorough understanding of the Software Development Life Cycle (SDLC).

Experience in promoting and implementing secure coding practices, and providing training and education to development teams on secure development practices.  

Strong verbal and written communication skills with the ability to clearly articulate technical concepts to both technical and non-technical audiences.

Attention to detail, to plan and execute tests that meet all requirements.

Ability to prioritize tasks and manage time effectively to meet deadlines.

Ethical integrity to be trusted with a high level of confidential information.

Ability to collaborate with team members and share knowledge.

Exceptional analytical and problem-solving skills and the persistence to apply different techniques to get the job done.

Ability to understand the business implications of identified weaknesses.

Commitment to continuously update your technical knowledge base.

Compensation: The base salary for this position ranges from $80,000 to $110,000 annually, depending on your location, experience, and qualifications. Additional compensation offerings include company profit-sharing bonus program, communication stipends, and referral bonuses. 

Inclusive benefits package offering: 

Comprehensive medical, dental, and company paid vision insurance, 401(k) retirement plan with employer match, voluntary life and AD&D insurance options, voluntary supplemental insurances for accident, critical illness, and legal services,  paid time off (PTO) and paid holidays, employee assistance and wellness programs, company paid short term disability coverage, company contributions to health saving funds (with participation in the high deductible health plan. We offer company paid access to Galileo for virtual primary care and Rula for virtual mental health resources.

Through our Anniversary Program, we celebrate the meaningful milestones and long tenure that reflect how much we value your contributions and commitment to our team.

Career and skill development resources to help advance your career and personal growth.

A mission-driven environment where your work makes a measurable impact on the real estate industry.

Wherever it Leads, Whatever it Takes® -  No matter how remote, complex, or unexpected. Our commitment never wavers.

Hire NICE people - Skills can be taught but character shines through. We seek those who bring integrity, kindness, and grit.

Lift others up - We lead with empathy and strive to improve the lives of those around us.

Sweat the details - Excellence lives in the little things. Getting it just so is how we make a big impact.

Raise the bar -  We don’t settle for industry standards, we redefine them.