Senior Application Security Engineer

Compunnel

$100K — $140K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree or equivalent experience
  • 5+ years in Application Security
  • Experience leading security enablement programs
  • Proven coaching skills in secure coding practices
  • Experience with CI/CD security automation
  • Strong understanding of SSDLC practices
  • Experience in secure code reviews and application security testing

Responsibilities

  • Scale the ASC Community of Practice across teams
  • Develop ASC playbooks and training materials
  • Guide teams on secure coding practices
  • Implement CI/CD-integrated security controls
  • Establish KPIs and compliance reporting for ASC
  • Coordinate application migration with risk assessment
  • Facilitate collaboration across development and security teams
  • Promote application security awareness and culture
  • Lead training sessions and hands-on exercises
  • Perform secure code reviews and participate in threat modeling

Benefits

  • Opportunities for professional development and growth
  • Flexible work environment
  • Collaborative team culture
  • Access to security training resources and tools
  • Ability to influence security practices across the organization

Full Job Description

Job Summary

The Sr. Application Security Engineer - Application Security Champion (ASC) Program is responsible for expanding and enabling the Application Security Champions (ASC) Community of Practice (CoP) across decentralized teams. This role focuses on embedding application security into the software development lifecycle through developer enablement, secure coding practices, threat modeling, governance, automation, and CI/CD-integrated security controls. The ideal candidate will have strong application security expertise, experience leading security enablement initiatives, and the ability to drive security adoption across enterprise development teams.

Key Responsibilities
• Scale the Application Security Champions (ASC) Community of Practice (CoP) across non-CIO organizations.
• Develop and maintain ASC playbooks, standards, training materials, and office hours focused on threat modeling and secure application design.
• Enable development teams by providing guidance on secure coding practices and application security best practices.
• Implement and support CI/CD-integrated security controls and Application Vulnerability Response (AVR) workflows for decentralized environments.
• Establish Application Security Champion KPIs, dashboards, and compliance reporting.
• Coordinate application migration planning with application owners while tracking risks, dependencies, and remediation activities.
• Facilitate cross-functional collaboration, escalations, and alignment between development teams, security teams, governance, and subject matter experts.
• Promote application security awareness and foster a security-first development culture.
• Serve as the primary liaison between development teams and the security organization to ensure effective communication and timely resolution of security issues.
• Lead security enablement initiatives including training sessions, workshops, and hands-on exercises.
• Perform secure code reviews and participate in threat modeling sessions.
• Assist development teams in adopting security testing tools, automated scans, and secure development practices.
• Contribute to the development and continuous improvement of enterprise application security standards, procedures, and governance frameworks.
• Align ASC initiatives with organizational security roadmaps and tiered security control adoption strategies.

Required Qualifications
• Bachelor's degree or equivalent professional experience.
• 5+ years of experience in Application Security.
• Experience leading security enablement programs, Application Security Champion programs, or Communities of Practice (CoP).
• Proven experience coaching developers on secure coding practices and threat modeling.
• Experience implementing security automation and compliance enforcement within CI/CD pipelines.
• Strong understanding of secure software development lifecycle (SSDLC) practices.
• Experience performing secure code reviews and supporting application security testing.
• Strong communication, collaboration, stakeholder management, and leadership skills.

Preferred Qualifications
• Experience establishing or leading Application Security Champion programs or Communities of Practice.
• Experience with enterprise security governance, security metrics, and compliance reporting.
• Background in enterprise application security strategy and governance.

Tools & Technologies
• Learning Management Systems (LMS) and security training platforms.
• SAST, DAST, and Software Composition Analysis (SCA) tools.
• ServiceNow Application Vulnerability Response (AVR).
• Power BI and Grafana dashboards.
• Confluence and Microsoft Teams.
