Application Security Engineer

Role: AI & Application Security Engineer

Location: Fully Remote (CST-ish hours preferred)

Duration: 6-12 month

Interview: Video

Need LinkedIn id!!!

Must-Haves Non-Negotiable

• Hands-on SAST and DAST experience this is the core of the job
• Application security background (practitioner, not theoretical)
• API security knowledge understands auth, authorization, transport, data exposure risks
• AI coding security experience governing tools like Cursor, GitHub Copilot, or similar LLM-assisted dev tools
• AWS fundamentals IAM, secrets management, logging, networking
• Change agent must thrive in fast-paced, high-change environments

Nice-to-Haves

• MuleSoft or SaaS integration security
• CrowdStrike Falcon Suite, Snyk, or Veracode familiarity
• Microsoft / M365 security background
• FINRA, SOX, or financial services regulatory exposure
• DSPM familiarity

Tech Stack

• Bitbucket
• AWS
• Amazon Workspaces
• Microsoft M365
• CrowdStrike Falcon
• MuleSoft (SaaS)
• AWS Secrets Manager
• LastPass
• Cursor
• Aria
• Microsoft Copilot Enterprise

Candidate Sweet Spot

• 5-7 years in AppSec, DevSecOps, or Security Engineering
• Has built or matured SAST/DAST programs, not just used them
• Has governed AI coding tools in an enterprise environment
• Comfortable working alongside developers as a partner, not a gatekeeper
• Fintech or regulated industry background a plus, not required

Where to find them: DevSecOps engineers at mid-size fintechs, SaaS companies, or consulting firms (Protiviti, Deloitte, etc.) who have shifted into AI security work

For applications and inquiries, contact: hirings@openkyber.com