Job Description
Application Security Location: Parsippany, NJ (Hybrid) Or Remote Duration: 3 Months + Description 3+ years of offense and defense application security experience with demonstrated hands-on expertise in SAST and SCA tools such as Checkmarx and Synk, including findings triage, ruleset tuning, and managing vulnerability lifecycle across enterprise environments Strong understanding of OWASP Top Ten and broader web and API vulnerabilities, including practical remediation techniques within enterprise environments Knowledge of web and mobile application development and deployment methodologies Hands-on experience securing AWS cloud environments, including Lambda, API Gateway, IAM, and S3, with experience operating cloud-native security platforms such as Orca Security, Wiz, or Prisma Cloud to surface and remediate risk across workloads and infrastructure Ability to read and reason about code in languages such as Node.js, JavaScript, Java, or Python. Ability to sufficiently perform meaningful secure code review, validate SAST/SCA findings, and collaborate credibly with engineering teams on remediation Experience working with change management and release governance processes within production environments Strong project management and communication skills with the ability to represent cybersecurity requirements across technical and business stakeholders Solid understanding of agile methodologies, DevSecOps practices, and CI/CD pipeline integration Familiarity with security threat intelligence sources and how they inform application-layer defenses Experience partnering with development teams to drive security remediation by running working sessions, building runbooks, and supporting secure coding adoption through a developer-first engagement model.