Already filled

Application Security Engineer

Job summary

Fremont
Engineering

Work model

Fully remote
Only US
1 month ago
Job description

  • Location: 100% Remote (Continental United States)
  • Position Type: In-house Bright Vision Technologies SOW engagement (no third-party client or vendor)
  • Experience: 5+ years
  • Sponsorship: No new H1B sponsorship available. H1B transfers welcomed for qualified candidates.
  • Employment Type: Full-time, direct W2 with Bright Vision Technologies (no C2C, no 1099, no third-party)
  • Engagement: Long-term, multi-year, aligned to the Bright Vision SOW delivery roadmap
  • Compensation: Competitive base salary commensurate with experience, plus benefits.

Employment Terms & Visa Policy

This is a 100% remote, full-time, direct W2 position with Bright Vision Technologies. This role is part of Bright Vision Technologies' in-house Statement of Work (SOW) engagement. The client, end customer, and employer for this position is Bright Vision Technologies; there is no third-party client, vendor, or implementation partner involved.

We do not engage in C2C, 1099, or third-party arrangements for this role. All our roles are W2, and we do not accept third-party companies or brokering. Candidates must be willing to work directly as a full-time W2 employee of Bright Vision Technologies and contribute to our in-house SOW deliverables.

No new H1B sponsorship is available for this role. However, candidates who are currently on a valid H1B visa and require a transfer are welcome to apply. We will support H1B transfers for qualified candidates. For every role, a technical coding assessment is mandatory. Please apply only if you are confident in your technical abilities and hands-on experience.

Job Summary

Bright Vision Technologies is seeking an Application Security Engineer to embed security throughout the software development lifecycle. You will partner with engineering teams to design secure systems, identify vulnerabilities, and reduce risk across our application portfolio. This role combines hands-on offensive and defensive security skills with strong communication and collaboration, enabling development teams to build secure software efficiently. The ideal candidate possesses deep technical security expertise, strong software engineering fundamentals, and a proven track record of implementing security improvements that significantly reduce production risk.

Key Responsibilities

  • Conduct threat modeling and security architecture reviews for new and existing applications and services.
  • Perform manual code reviews, secure design consultations, and collaborate with engineering teams on hardening critical components.
  • Operate and tune SAST, DAST, IAST, SCA, and secret-scanning tools within CI/CD pipelines.
  • Drive vulnerability management workflows, including triage, prioritization, owner assignment, and SLA tracking.
  • Build reusable libraries and frameworks that promote secure coding practices by default for engineering teams.
  • Lead red-team and purple-team exercises against internal applications and drive remediation of identified weaknesses.
  • Implement and operate runtime protections such as WAF, RASP, bot protection, and abuse-detection mechanisms.
  • Design and enforce secure authentication, authorization, session management, and cryptographic patterns.
  • Partner with infrastructure and platform teams to enhance the security of container, Kubernetes, and cloud environments.
  • Develop and deliver application security training, lunch-and-learns, and onboarding content for engineering staff.
  • Respond to security incidents involving application vulnerabilities or active exploitation.
  • Track and address emerging threats and CVEs affecting the application portfolio.
  • Maintain comprehensive, up-to-date technical documentation (architecture diagrams, design decisions, configuration references, runbooks, operational procedures) to ensure system supportability, auditability, and ease of onboarding for new engineers.
  • Stay current with application security research and emerging defensive tooling.

Required Qualifications

  • Bachelor's degree in Computer Science, Cybersecurity, or a related field.
  • Five or more years of experience in application security or security engineering.
  • Strong understanding of OWASP Top 10, common vulnerability classes, and modern exploit patterns.
  • Hands-on experience performing code reviews in at least two major programming languages.
  • Deep familiarity with SAST, DAST, SCA, and CI/CD-integrated security tooling.
  • Strong understanding of authentication, authorization, and cryptographic primitives.
  • Experience with cloud security and modern infrastructure controls.
  • Excellent communication skills, capable of engaging with both technical and non-technical audiences.
  • Proficiency in at least one programming language for tooling and automation.
  • Experience collaborating closely with engineering teams in an Agile environment.

Preferred Qualifications

  • Industry certifications such as OSCP, OSCE, GWAPT, or CISSP.
  • Experience with offensive security tooling and red-team operations.
  • Bug bounty experience, public CVEs, or open-source security contributions.
  • Familiarity with AI/LLM application security considerations.
  • Exposure to regulated industries with stringent compliance requirements.

How to Apply

For immediate consideration, please send your resume to [email protected] or contact us at (908) 698-4899. Learn more about Bright Vision Technologies at www.bvteck.com.

Bright Vision Technologies is an equal opportunity employer and values diversity and inclusion. We do not discriminate on the basis of any protected attribute. We also provide reasonable accommodations for religious practices, beliefs, and disability needs.

Bright Vision Technologies is an Equal Opportunity Employer, including Disability/Veterans.

Position offered by "No Fee Agency."

Equal Employment Opportunity (EEO) Statement

Bright Vision Technologies (BV Teck) is committed to equal employment opportunity (EEO) for all employees and applicants without regard to race, color, religion, sex, sexual orientation, gender identity or expression, national origin, age, genetic information, disability, veteran status, or any other protected status as defined by applicable federal, state, or local laws. This commitment extends to all aspects of employment, including recruitment, hiring, training, compensation, promotion, transfer, leaves of absence, termination, layoffs, and recall.

BV Teck expressly prohibits any form of workplace harassment or discrimination. Any improper interference with employees' ability to perform their job duties may result in disciplinary action up to and including termination of employment.
