Job Title: Application Security Engineer
Duration: Till Nov 2026 with extension possible
Location: Charlotte, NC (Hybrid model - 3 days a week)
Interview: Video conference interview – 3 phases (Panel, Tech Test on your own time &
Final); provide location and best time to interview – video-onscreen.
Requirement Notes:
· Senior Analyst Cyber Security, Penetration Testing, and Secure Code Review
· Outstanding problem-solving and troubleshooting skills with a strong attention to detail and standards.
· Perform penetration testing against products and systems, including web applications, web services, and mobile devices; Vulnerability triage
· Experience with secure code review.
Application Security Engineer – Charlotte, NC
· Client is a leading automotive financial services company powered by a top direct banking franchise. Client's automotive services business offers a full suite of financing products and services, including new and used vehicle inventory and consumer financing, leasing, inventory insurance, commercial loans and vehicle remarketing services.
Responsibilities:
· Perform penetration testing against products and systems, including web applications, web services, and mobile devices.
· Collaborate with stakeholders to develop remediation strategies.
· Assist with delivery of secure development training.
· Demonstrate practical/working exploitation of security flaws.
· Develop and enhance processes to automate the delivery of application security metrics.
· Review SAST/DAST/IAST output for false positives. Assist development with remediation.
· Serve as an application security subject matter expert for projects.
· Participate in threat modeling exercises.
· Effectively communicate vulnerability details, risks, and potential impacts to application owners, developers, stakeholders, and partners.
· Act as a mentor for junior team members/interns.
· Design, implement, and support security-focused tools and services.
· Develop low-level tools that improve security testing, reporting, and monitoring.
Principal Expectations:
· 7+ years of experience in manual penetration testing of web and mobile applications.
· Identify, research, and evaluate current vulnerabilities, provide remediation and configuration guidance. Collaborate with stakeholders to develop remediation strategies.
· Ability to interact with company personnel at all levels and across all business units to comprehend business imperatives. A strong customer/client focus, with the ability to manage expectations appropriately, to provide a superior customer/client experience and build long-term relationships.
· Competent to work independently at an advanced technical level.
· Produce well-written, detailed reports that describe vulnerabilities/risks and that provide specific remediation guidance.
Required Skills
· Proven work experience in manual secure code review.
· Experience working with GitLab Ultimate CI/CD technology, shift-left tools, and application security workflows.
· GPEN, OSCP, CISSP, GWAPT, CEH, or similar certifications.
· Desired scripting experience: One or more of Python, JavaScript, PowerShell, shell script, Ruby, PHP, Lua, etc.
· Bachelor’s degree in Information Technology or Computer Science, or equivalent experience.
· Inherent passion for information security and service excellence.
· The ability to adapt to new situations and the desire to learn and stay current with AppSec trends, threats, and risks.