[Remote] Application Security Engineer

Work from home Full-time role Hiring

Note: The job is a remote job and is open to candidates in USA. CivicPlus is a company focused on innovation and collaboration to impact local government and the residents they serve. The Application Security Engineer is responsible for embedding security throughout the software development lifecycle, leading application security testing, and driving vulnerability remediation efforts.

Responsibilities

Perform security code reviews, threat modeling, and architecture reviews across all development projects as part of secure Software Development Lifecycle (SDLC)
Collaborate with development teams to integrate secure design, secure coding standards, and security controls across the SDLC
Identify, track, and validate vulnerabilities and security defects from security testing and scanning, collaborating with development teams to inform and prioritize remediation within compliance timeline requirements
Coordinate external, independent penetration testing of production environments
Lead application security testing, including static, dynamic, and interactive application security testing (SAST, DAST, IAST)
Serve as a subject matter expert on application security vulnerabilities (such as the OWASP Top 10) and emerging threats
Partner closely with organizational functions and key stakeholders to provide guidance, tooling, and training to development teams and ensure secure design principles are applied, risks are mitigated, and applications are resilient against modern threats

Skills

3 – 7 Years of experience in application security, secure development, penetration testing, or related field
Strong understanding of Secure Software Development Lifecycle (SSDLC), application security controls, and vulnerability management
Familiarity with secure coding practices across multiple development languages (such as C#, Go, Java, JavaScript, or Python)
Knowledge of cloud-native and SaaS application environments
Security+, GSEC, GSSP or equivalent
Bachelor's degree in Computer Science, Cybersecurity, Information Security, Information Systems, or a related field

Benefits

Comprehensive health insurance
Dental insurance
Vision insurance
Flexible Time Off
401(k) plan

Company Overview

CivicPlus is the only government technology company exclusively committed to powering and empowering governments to efficiently operate, serve, and govern through the use of our innovative and integrated technology solutions purpose-built and supported by former municipal leaders and award-winning support teams. It was founded in 1998, and is headquartered in Manhattan, Kansas, USA, with a workforce of 501-1000 employees. Its website is http://www.civicplus.com.

Apply Now

[Remote] Application Security Engineer

More open positions

[Remote] Sales Operations & CRM Manager

[Remote] Healthcare Supply Chain Lawyer

[Remote] Senior Software Engineer, Security Infrastructure

[Remote] Senior Salesforce Billing Administrator

[Remote] Staff Full Stack Engineer

Senior CMDB Engineer

(Junior) Steuerfachangestellter (m/w/d)

Project Manager, Early Career and Emerging Talent

Sales Operations Manager

Experienced Full Stack Data Entry Specialist – Remote Customer Service and Data Management

Marketplace & PLG — AI-Native Senior Product Manager

Senior Data Entry Specialist - Remote Financial Records Management | careerzynith

Software Engineer, Platform - Tel Aviv, Israel

Experienced Healthcare Data Entry Specialist – Revenue Cycle Operations

Licensed Mental Health Therapist

EU Strategic Advisor & Proposal Developer

Senior Software Engineer – Infrastructure & Network Automation

Cloud Solutions Architect

[Remote] D2C Program Manager

Part-Time Remote Data Entry Claims Intake Processor – 34‑Hour Week, Insurance Claims & Authorization Specialist at careerzynith

National consultant for Career Guidance Model contextualization for the Education system in Albania, Tirana, Education section, 11.5 Months, Remote work