← all jobs

Application Security Engineer- Remote

Work from home Full-time role Hiring

Job Description

Application Security Engineer - Remote or Hybrid | Cary, North Carolina As an Application Security Engineer within the Information Security Office (ISO), you will be responsible for verifying that our internally-used applications are secure by design. You will collaborate with a diverse set of development and management teams across R&D, IT, and SAS Managed Cloud Services organizations to help drive the maturity of the application security program at SAS. Candidates should possess a diverse set of skills in application security and should have significant exposure to enterprise activities including software development, software testing, CI/CD, technical support, and program management. Your success will depend on your cooperative skills working with internal SAS customers and other teams across the enterprise to provide guidance about best practices in application security. As an Application Security Engineer, you will:

  • Provide Subject Matter Communication:
  • Coordinate with the Secure Design team to ensure new environments/applications align with expected compliance levels.
  • Provide guidance to development teams on security design, threat modeling, and resolution of security vulnerabilities
  • Advise on potential compensating and mitigating controls to reduce risk
  • Triage security findings received through a public bug bounty program, communicating with both the developers and independent security researchers
  • Perform Security Assessments & Assist in Remediation:
  • Perform application security assessments and web application security assessments on both internal and external web applications and web services
  • Interpret and triage results from web application assessments
  • Assess Azure and AWS cloud offerings to ensure usage aligns with security best practices
  • Assess applications for potential migration from on-prem to cloud
  • Build Security Standards & Integrations for Engineers:
  • Help research and define security benchmarks, guidelines, and processes
  • Embrace curiosity, passion, authenticity and accountability. These are our values and influence everything we do

Required Qualifications

  • US Citizen required
  • 5+ years of experience in Information Technology
  • Bachelor's degree in computer science or related quantitative field
  • Experience with web-based architectures and applications
  • Familiarity with industry standards for application security
  • Familiarity with common application security testing techniques (DAST, SCA, SAST, IAST) and vulnerability management tooling
  • Equivalent combination of related education, training and experience may be considered in place of the above qualifications.

Additional competencies, knowledge and skills

  • Continuous Improvement: Originating action to improve existing conditions and processes; identifying improvement opportunities, generating ideas, and implementing solutions.
  • Decision Making: Identifying and understanding problems and opportunities by gathering, analyzing, and interpreting quantitative and qualitative information; choosing the best course of action by establishing clear decision criteria, generating and evaluating alternatives, and making timely decisions; taking action that is consistent with available facts and constraints and optimizes probable consequences.
  • Influencing: Using effective involvement and persuasion strategies to gain acceptance of ideas and commitment to actions that support specific work outcomes.
  • Familiarity with DevSecOps
  • Familiarity with API Security best practices
  • Experience with container and Kubernetes security
  • Experience with Azure or other commercial clouds
  • Familiarity with various programming languages to assist with peer review (Java, Python, Golang)
  • Relevant security certifications such as CISSP, CSSLP, GPEN, GWAPT, OSCP
  • Familiarity with industry standard authentication and authorization (OAuth, Okta, Microsoft Entra)

World-class benefits Highlights include...

  • Comprehensive medical, prescription, dental and vision plans.
  • Medical plan options include:
  • PPO with low annual deductible and copays.
  • HDHP combined with a health savings account with a contribution from SAS (no access to on-site health care center).
  • Onsite Health Care Center (HQ) that's free to employees and family members enrolled in the PPO plan. There's a pharmacy too! Not local to HQ? The pharmacy will ship prescriptions for no additional charge!
  • An industry-leading 401k plan.
  • Tuition Assistance Program and programs and resources to support your development
  • Generous time away including vacation time, a variety of paid holidays, and our much-loved U.S. Winter Wellness Break between December 25 and January 1.
  • Volunteer Time Off, parental leave and unlimited paid sick days.
  • Generous childcare benefits for all full-time employees.

#LI-CC

More open positions

AI Security Engineer (US Based)

Work from home Full-time role

Senior Security Engineer, Platform and IAM Support

Work from home Full-time role

IT Cyber Security Engineer

Work from home Full-time role

Senior Web Penetration Tester, Part Time Hourly – Remote (Pacific Time Zone highly Preferred)

Work from home Full-time role

Penetration Tester II

Work from home Full-time role

Part-Time Remote Customer Service Representative – Flexible Home‑Based Support Role at careerzynith

Work from home Full-time role

Experienced Remote Live Chat Assistant – Unlock Your Potential in a Dynamic and Flexible Role

Work from home Full-time role

Associate, Capital Markets

Work from home Full-time role

Workers' Compensation Senior Counsel

Work from home Full-time role

Claims Adjuster II (Workers' Compensation) | California

Work from home Full-time role

Surveillance Investigator II - Experienced

Work from home Full-time role

Experienced Part-Time Remote Ramp Agent (Customer Service Agent) - DCA at careerzynith

Work from home Full-time role

National School Lunch Program Specialist (Administrative Officer 1)

Work from home Full-time role

Psych - Therapy

Work from home Full-time role

Underwriter (Remote located in MO, KS or NE)

Work from home Full-time role

Crisis Chat & Text Counselor (Full Time, Remote)

Work from home Full-time role

Sr. Manager, Security Engineering

Work from home Full-time role

Office Administrator job at Braun Intertec Corporation in Allen, TX

Work from home Full-time role

Urgently Need Virtual Tutor in Somerville, MA

Work from home Full-time role

Remote/In Person Entry Level Criminal Justice - Digital Reporter

Work from home Full-time role

Principal for PM61 - Remote

Work from home Full-time role