Application Security Engineer 3

Bloomberg Industry Group

$100K — $130K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5-7 years of experience in Application Security, AppSec engineering, Cloud Security, or Software Engineering.
  • In-depth knowledge of application security, secure software design, and risk management frameworks such as OWASP and NIST.
  • Hands-on experience with security assessment tools including SAST, DAST, SCA, IaC, and container security.
  • Familiarity with modern architectures like cloud-native, microservices, and DevSecOps practices.
  • Advanced knowledge in AI/ML security, including threat modeling and vulnerability analysis for AI systems.
  • Proficient in programming languages such as Python, Java, and JavaScript.

Responsibilities

  • Design and implement security architectures for large-scale, cloud-native applications.
  • Conduct advanced risk assessments and penetration testing to ensure application security.
  • Integrate security processes across the entire software development lifecycle (SDLC).
  • Define and implement security measures for AI-powered features and assess AI risks.
  • Evaluate and enhance third-party security tools and vendor controls.
  • Drive the scaling and automation of security solutions in CI/CD pipelines.
  • Guide and mentor junior engineers and cross-functional teams on security best practices.

Benefits

  • Opportunities for professional development and continuous learning.
  • Access to cutting-edge technology and tools.
  • Flexible work arrangements and a supportive company culture.
  • Collaboration with industry leaders and subject matter experts.
  • Involvement in exciting projects with a significant impact on the organization's security posture.

Full Job Description

Responsible for leading application security engineering efforts, designing scalable security architectures, performing advanced risk assessments, integrating security across the SDLC, driving AI‑related security controls, evaluating vendor solutions, scaling automation, and contributing to incident response and strategic security improvements.

Job Summary:
As an Application Security Engineer III, you will lead security engineering initiatives, perform advanced risk assessments, and design scalable security controls across critical applications. You will serve as a subject matter expert (SME) in application security, guiding engineering teams, influencing security strategy, and driving automation across the SDLC.

This role requires deep technical expertise, leadership potential, and the ability to shape long‑term Application Security direction.

What You Will Do:

  • Design and implement security architectures and controls for large-scale, cloud-native applications.
  • Conduct in-depth risk assessments, including penetration testing and code reviews.
  • Collaborate with developers and DevOps teams to integrate security at all stages of the software development lifecycle (SDLC).
  • Drive security for AI-powered features by defining secure architectures, assessing AI/ML risks, and implementing advanced testing and controls for AI models, agents, and MCP servers.
  • Identify areas for improvement in security tools and practices, and remediate the identified gaps by implementing innovative solutions.
  • Evaluate third‑party security tools and vendor‑provided controls for technical effectiveness, enterprise fit, and alignment with the organization’s security architecture and standards.
  • Collaborate with vendors to provide actionable technical feedback, drive product improvements, and ensure controls are implemented and configured appropriately for Bloomberg Industry Group’s environment.
  • Build, improve, and scale security automation, integrating tooling across CI/CD pipelines and cloud platforms.
  • Provide guidance to junior engineers and cross-functional teams on security best practices.
  • Participate in incident response efforts and investigations into security incidents.
  • Stay ahead of the curve by keeping informed of industry trends and emerging threats, applying this knowledge to continually improve security.

You Need to Have:

  • Deep expertise in application security, secure software design, and risk management, including frameworks such as OWASP ASVS, OWASP Top 10, and NIST 800‑53.
  • Extensive experience conducting complex security assessments and building automated security controls for large engineering environments.
  • Proficiency in multiple programming languages (e.g., Python, Java, JavaScript) and hands-on experience with SAST, DAST, SCA, IaC, container, and cloud security tools.
  • Strong understanding of modern architectures (cloud-native, microservices, Kubernetes, containers, serverless) and DevSecOps processes.
  • Advanced understanding of AI/ML security, including model vulnerability analysis, AI threat modeling, secure LLM integration patterns, and familiarity with NIST AI RMF or OWASP Top 10 for LLMs.
  • 5-7 years of relevant experience in Application Security, AppSec engineering, Cloud Security, or Software Engineering.

We Would Love to See:

  • Certifications such as:
      • AWS Certified Security – Specialty
      • CSSLP or CISSP
      • Certified DevSecOps Expert (CDE) or equivalent
  • A bachelor's degree in Information Security, Computer Science, or a related field, or equivalent experience.
