Senior Application Security Engineer - Eliassen Group

Key Responsibilities

• Define and enforce application security standards and secure SDLC processes across multiple development teams.
• Conduct threat modeling, code reviews, and static/dynamic analysis to identify and remediate vulnerabilities early in the development lifecycle.
• Integrate security testing tools (SAST, DAST, SCA) into CI/CD pipelines and automate security gating.
• Collaborate with architects, developers, and operations to embed security controls in cloud-native (AWS) and on‑premise applications.
• Provide security guidance, training, and mentorship to engineering staff, fostering a security‑first culture.

Requirements

• 5+ years of hands‑on experience in application security, preferably in financial services.
• Deep knowledge of secure coding practices, OWASP Top 10, and threat modeling methodologies.
• Proficiency with security tooling such as SAST, DAST, SCA, and container security scanners.
• Experience implementing security controls in CI/CD environments (Jenkins, GitLab, Azure DevOps) and cloud platforms (AWS).
• Strong communication skills to translate complex security concepts into actionable guidance for development teams.