[Remote] Staff Application Security Engineer

Note: The job is a remote job and is open to candidates in USA. Insight Global is seeking a Staff-level Application Security Engineer to support a growing security function. This hands-on role focuses on partnering with engineering teams to drive secure development practices across web and cloud environments while providing guidance on vulnerability remediation and secure coding practices.

Responsibilities

• Partner directly with engineering teams to integrate security throughout the full SDLC
• Provide hands-on guidance and support for vulnerability remediation
• Review and triage findings from external penetration testing firms
• Determine real-world exploitability of vulnerabilities
• Help engineering teams prioritize and resolve issues
• Act as a liaison with external penetration testing vendors (no direct pen testing required)
• Help teams implement and improve secure coding practices and application security controls
• Support application security programs across both cloud and on-prem environments
• Advise on supply chain security risks and mitigation strategies
• Drive a consultative approach, working alongside teams to close security gaps, not just documenting them

Skills

• 10+ years of experience in Application Security or related field
• Strong hands-on experience securing web applications
• Expertise in cloud security (AWS required)
• Proven experience working embedded with engineering teams
• Background in vulnerability management and remediation
• Experience reviewing or working alongside penetration testing outputs
• Ability to assess findings and determine practical risk/exploitability
• Demonstrated ability to balance security best practices with engineering velocity
• Experience with Azure
• Exposure to mobile application security
• Familiarity with CI/CD security, tokenization, or supply chain security concepts

Company Overview

Company H1B Sponsorship