Senior Application Security Engineer

Summary

Join Daxko as a Senior Security Application Engineer and play a vital role in safeguarding our applications and customer data. You will collaborate with engineering teams, conduct security assessments, and proactively mitigate threats. This role demands expertise in application security, various security tools, and secure coding practices. You will mentor developers, maintain security documentation, and respond to security incidents. The ideal candidate possesses strong programming skills, experience with CI/CD pipelines, and a deep understanding of security frameworks. Daxko offers a competitive salary, comprehensive benefits, and opportunities for growth.

Requirements

• 5+ years of experience in application security or a related field
• Strong programming skills in multiple languages (e.g., C#, Java, Python, JavaScript)
• Proficiency with security tools like SAST (Snyk, Checkmarx, SonarQube), DAST (OWASP ZAP, Burp Suite), and SCA (Snyk, Dependabot)
• Experience securing CI/CD pipelines (e.g., Jenkins, GitLab, Azure DevOps)
• Familiarity with cloud environments (AWS, Azure) and cloud-native security practices
• Knowledge of security frameworks (OWASP Top 10, NIST, ISO 27001)
• Bachelor’s degree in Computer Science, Cybersecurity, or a related field

Responsibilities

• Secure Our Applications: Partner with software engineering teams to integrate security best practices into the SDLC
• Identify & Fix Vulnerabilities: Conduct security assessments, code reviews, and penetration testing using SAST, DAST, and SCA tools
• Stay Ahead of Threats: Monitor emerging security threats and implement proactive defenses to safeguard sensitive customer data
• Enhance CI/CD Security: Maintain and improve security tools and processes within CI/CD pipelines for scalable security enforcement
• Investigate & Respond: Assist in security incident response, mitigating risks and strengthening prevention strategies
• Educate & Mentor: Guide developers on secure coding practices and foster a security-first culture
• Document & Communicate: Maintain detailed security documentation and provide regular updates to leadership

Preferred Qualifications

• 8+ years of experience in security, software development, or a related field
• Professional certifications such as CISSP, CISM, CEH, or similar
• Experience working with non-profits, fitness centers, or membership-based organizations

Benefits

• Flexible paid time off
• Affordable health, dental, and vision insurance options
• Monthly fitness reimbursement
• 401(k) matching
• New-Parent Paid Leave
• Casual work environments
• Remote work