Logo for LanceSoft, Inc.

Application Security AI Engineer

Key Facts

Remote From: 
Full time
Mid-level (2-5 years)
English

Other Skills

  • Problem Solving
  • Analytical Thinking
  • Communication

Roles & Responsibilities

  • 3 plus years Code scanning experience
  • 3 plus years open source scanning
  • 3 plus years dynamic and static scanning
  • Strong experience triaging SCA/SAST/DAST findings and managing high-severity escalations

Requirements:

  • Provide unified application security triage coverage across SCA, SAST, and DAST findings
  • Rapidly assess and coordinate responses for threat intelligence escalations and PatchNow Critical events
  • Monitor and analyze newly disclosed and novel vulnerabilities
  • Engineer, test, and implement application security tooling that leverages frontier models or AI-enabled capabilities

Job description

Job Title: Application Security AI Engineer
Work Location: Remote – USA
Pay: $70 – 90/ hour
 
Must have: 3 plus years Code scanning experience, 3 plus years open source scanning, and 3 plus years dynamic and static scanning
 
The Application Security AI Engineer will augment the Application Security team by providing unified triage coverage across SCA/SAST/DAST findings, threat intelligence escalations, and PatchNow Critical events.
In addition to triage and code scan vulnerability management, the engineer will provide hands-on engineering support to test, evaluate, and help implement AI-assisted security tooling (including frontier-model-based capabilities) and strengthen software supply chain security, including safeguarding developer IDEs, plugins/extensions, and developer workflows from malicious code and compromise.
 
Job Duties:
  • Provide unified application security triage coverage across SCA, SAST, and DAST findings, including validation of critical and high-risk vulnerabilities, false positive analysis, exploitability assessment, remediation guidance, and escalation support for findings that may impact production, internet-facing, or business-critical applications.
  • Rapidly assess and coordinate responses for threat intelligence escalations and PatchNow Critical events, including scope analysis, owner routing, mitigation guidance, tracking, and closure verification.
  • Monitor and analyze newly disclosed and novel vulnerabilities, including faster-moving disclosures influenced by frontier-model-enabled research, and produce actionable briefs that drive remediation plans.
  • Engineer, test, and implement application security tooling that leverages frontier models or AI-enabled capabilities for vulnerability identification, code reasoning, triage acceleration, remediation recommendations, and analyst workflow automation while preserving human review, auditability, and secure use controls.
  • Support company processes for evaluating and onboarding new AI capabilities, including technical proof-of-value execution, security testing, control validation, data handling review, model output evaluation, success metrics, and documentation needed for internal governance and approval pathways.
  • Strengthen software supply chain security by helping secure open-source dependency selection, package intake, SBOM and component visibility, malicious package detection, dependency health assessment, and policy enforcement across developer, pipeline, and artifact management workflows.
  • Assess and improve developer IDE security, plugins/extensions, and developer workflows, including package managers, code-assist tools, and CI integrations, against malicious code, compromised extensions, and unsafe configurations.
 
Qualifications:
  • Strong experience triaging SCA/SAST/DAST findings and managing high-severity escalations (threat intel and critical patch events) through remediation and closure.
  • Engineering experience with scripting, automation, APIs, CI/CD workflows, developer tooling, or security platform integrations.
  • Practical familiarity with AI-enabled security tools, frontier models, coding assistants, prompt and tool orchestration, model evaluation, or AI governance processes.
  • Experience securing the software supply chain and developer tooling (IDEs, plugins/extensions, package managers, CI/CD integrations) against compromise and malicious code.
  • Ability to translate technical vulnerability findings into clear remediation guidance, risk summaries, and prioritization recommendations for development and security stakeholders.

AI Operations (AI Ops) Engineer Related jobs

Other jobs at LanceSoft, Inc.

We help you get seen. Not ignored.

We help you get seen faster — by the right people.

🚀

Auto-Apply

We apply for you — automatically and instantly.

Save time, skip forms, and stay on top of every opportunity. Because you can't get seen if you're not in the race.

AI Match Feedback

Know your real match before you apply.

Get a detailed AI assessment of your profile against each job posting. Because getting seen starts with passing the filters.

Upgrade to Premium. Apply smarter and get noticed.

Upgrade to Premium

Join thousands of professionals who got noticed and hired faster.