Logo for Clear Capital

Senior Application Security Engineer

Roles & Responsibilities

  • 4+ years of related experience required
  • Bachelor’s Degree in a technically related field or equivalent work experience
  • Highly technical and analytical with a background in software development and scripting
  • Expertise in application security testing and relevant certifications

Requirements:

  • Plan and carry out application security testing to identify vulnerabilities in applications
  • Assess discovered vulnerabilities and recommend risk-mitigating solutions
  • Communicate findings, risks, and recommendations to stakeholders
  • Lead AI security initiatives and collaborate with architects and development teams

Job description

The Sr. Application Security Engineer is responsible for validating that application services are designed and implemented with high security standards. The role analyzes the security of applications in tandem with their underlying services, including connected dependencies such as middle-tier systems and databases. Additionally, the Sr. Application Security Engineer addresses legacy and emerging security issues, and implements repeatable secure development practices to reduce the introduction of program design flaws that may lead to exploitation. As issues are uncovered, the application security engineer communicates with the appropriate technical and leadership teams to ensure a focus on risk mitigation – allowing for business continuity, but without negligent risk. Application Security Engineers are constantly assessing applications for weaknesses and finding resolutions before they can be abused.
 
This position is also responsible for assessing the security of applications for business-to-business initiatives, third-party relationships, outsourced solutions and vendors. The Sr. Application Security Engineer is expected to recommend programmatic controls, and monitor and manage secure development practices to address modern day issues. Application Security Engineers think like attackers, but always act with integrity and do not abuse their privilege.

What You Will Work On
  • Plan and carry out application security testing in all phases of the software development life cycle to identify vulnerabilities in applications and weaknesses in secure coding practices.
  • Assess discovered vulnerabilities and recommend risk-mitigating solutions, leveraging automation to improve the efficiency of both testing and remediation processes.
  • Communicate findings, risks, and recommendations to stakeholders, while documenting delivery and implementation progress against defined service-level agreements (SLAs) and business metrics.
  • Lead AI security initiatives, including threat modeling production LLM stacks for autonomy and prompt injection risks, and auditing third-party models and APIs to secure the software supply chain.
  • Attend and participate in product and application projects. This includes interacting with business units and technical teams to understand what is coming and how their projects can be more secure from the beginning.
  • Collaborate with architects and development teams to drive secure design practices, leveraging established security standards, configurations, and frameworks.
  • Fully define and follow a security review process to ensure an automated and repeatable process is managed. 
  • Regularly monitor the security community for public-facing security issues, as well as to learn new tactics that can be used in testing.
  • Train developers and junior application security engineers on weaknesses to avoid.
  • Perform other duties as assigned.

  • Who We Are Looking For
  • 4+ years of related experience required. 
  • Bachelor’s Degree, ideally in a technically related field (Computer Science, Information Technology, Software Engineering), or equivalent work experience.
  • Highly technical and analytical, with a background in software development, and scripting (e.g., Java, Python, C++, Ruby, JavaScript, PowerShell, PHP).
  • Expertise in application security testing, including hands-on experience with Static (SAST), Dynamic (DAST), and Software Composition Analysis (SCA) tools.
  • Proficiency in application security assessments, including threat modeling, vulnerability and penetration testing, API security, OWASP Top Ten mitigation, and securing applications in AWS and private cloud environments.
  • Relevant certifications such as C|ASE, CSSLP, GWAPT, OSCP, or equivalent.
  • Experience with frameworks such as ISO 27001, NIST, GDPR, CIS, or SOC 2.

  • What You Can Expect
  • Compensation: The base salary for this position ranges from $111,000 to $144,400 annually, depending on your location, experience, and qualifications. Additional compensation offerings include company profit-sharing bonus program, communication stipends, and referral bonuses. 
  • Inclusive benefits package offering: 
  • Comprehensive medical, dental, and company paid vision insurance, 401(k) retirement plan with employer match, voluntary life and AD&D insurance options, voluntary supplemental insurances for accident, critical illness, and legal services,  paid time off (PTO) and paid holidays, employee assistance and wellness programs, company paid short term disability coverage, company contributions to health saving funds (with participation in the high deductible health plan. We offer company paid access to Galileo for virtual primary care and Rula for virtual mental health resources.
  • Through our Anniversary Program, we celebrate the meaningful milestones and long tenure that reflect how much we value your contributions and commitment to our team.
  • Career and skill development resources to help advance your career and personal growth.
  • A mission-driven environment where your work makes a measurable impact on the real estate industry.

  • What We Value
  • Wherever it Leads, Whatever it Takes® -  No matter how remote, complex, or unexpected. Our commitment never wavers.
  • Hire NICE people - Skills can be taught but character shines through. We seek those who bring integrity, kindness, and grit.
  • Lift others up - We lead with empathy and strive to improve the lives of those around us.
  • Sweat the details - Excellence lives in the little things. Getting it just so is how we make a big impact.
  • Raise the bar -  We don’t settle for industry standards, we redefine them.
  • About Us

    Clear Capital is a national real estate analytics, data solutions and valuation technology company with a simple purpose: to build confidence in real estate decisions to strengthen communities and improve lives. Our goal is to provide customers with a complete understanding of nearly every U.S. property through our AI-driven analytics, data solutions, valuation services and automated appraisal review platforms. Our commitment to excellence - wherever it leads, whatever it takes® - is embodied by our team members across our brands and has remained steadfast in this pursuit since our first order in 2001.

    Clear Capital is an equal-opportunity employer.

    To all recruitment agencies: Clear Capital does not accept agency resumes. Please do not forward resumes to our jobs alias, Clear Capital employees, or any other company location. Clear Capital is not responsible for any fees related to unsolicited resumes.

    Security Engineer Related jobs

    Other jobs at Clear Capital

    We help you get seen. Not ignored.

    We help you get seen faster — by the right people.

    🚀

    Auto-Apply

    We apply for you — automatically and instantly.

    Save time, skip forms, and stay on top of every opportunity. Because you can't get seen if you're not in the race.

    AI Match Feedback

    Know your real match before you apply.

    Get a detailed AI assessment of your profile against each job posting. Because getting seen starts with passing the filters.

    Upgrade to Premium. Apply smarter and get noticed.

    Upgrade to Premium

    Join thousands of professionals who got noticed and hired faster.