Application Security Engineer | Houston, Texas, United States Application Security Engineer (SAST/DAST Focus) Location: Houston, TX (Remote Eligible) | Job Type: C2C Responsibilities - Implement, manage, and optimize SAST and DAST tools (Checkmarx, Veracode, Fortify, SonarQube, Burp Suite, OWASP ZAP) across multiple application environments - Integrate automated security testing into CI/CD pipelines (Azure DevOps, GitHub, Jenkins) to enable true DevSecOps - Conduct code reviews and vulnerability assessments to ensure robust, secure applications - Identify, triage, and remediate vulnerabilities with a focus on the OWASP Top 10 - Collaborate with development teams to embed secure coding best practices into SDLC - Support threat modeling and security design review initiatives - Monitor and report on application security posture and emerging risk trends - Provide expert assistance in application-related security incident response Required Skills and Experience - Proficient with SAST and DAST tools - In-depth knowledge of OWASP Top 10 and secure coding practices - Experience integrating security into CI/CD pipelines - Strong understanding of web application architecture (APIs, microservices) - Familiarity with container security (Docker, Kubernetes) - Hands-on with open-source scanning tools (SCA) - Programming or scripting experience (Java, Python, .NET) - Proven collaboration with developers in agile environments Preferred Skills - Experience with cloud security (especially Azure) - Exposure to Infrastructure-as-Code (IaC) security scanning - Security certifications (CSSLP, GWAPT, Security+) Benefits - Dynamic, high-impact projects in the energy sector - Opportunities for career growth and upskilling in the latest security technologies - Supportive, diverse, and collaborative team environment - Remote work flexibility How to Apply Ready to power Chevron's secure digital future? Submit your resume and a brief cover letter outlining your application security accomplishments via our application portal.