Senior Applications Security Engineer
Company: Academic Partnerships
Location: Dallas
Posted on: March 15, 2025
Job Description:
Risepoint assists primarily regional universities in increasing
their access and impact by making their academic programs available
to students online. Founded in 2007, Risepoint's mission is to
expand access to high-quality, affordable, and workforce-relevant
education, especially for working and adult students. Risepoint
brings single-minded dedication to student success, an integrated
set of services, and data-driven performance to our collaboration
with university partners.We are seeking an Application Security
Engineer to join our engineering team. In this role, you will be
responsible for ensuring the security of solutions by integrating
security practices throughout the product and software development
lifecycle. This role involves vulnerability analysis, threat
modeling, and collaborating with cross-functional teams to maintain
a robust application security posture. Working closely with the
Security, Development, and Operations teams, you will ensure our
software products and infrastructure maintain high security,
reliability, and compliance standards.If you're excited about
enabling development teams to deliver secure, high-quality software
and want to significantly reduce security risks, this may be your
perfect role.Essential Functions and Responsibilities:
- Collaborate with Product and Development teams to embed
security into the software development lifecycle, from design to
maintenance.
- Guide secure architecture, coding practices, and integration
into CI/CD pipelines.
- Implement and maintain automated application vulnerability
scanning tools, including static (SAST) and dynamic (DAST) security
testing solutions.
- Coordinate manual application penetration testing assessments
through third-party engagements and validate results.
- Respond to application security incidents using
industry-standard practices to identify, contain, and remediate
vulnerabilities.
- Monitor and optimize reporting and alerting systems to
effectively identify, prioritize, and address application security
risks.
- Maintain comprehensive records of vulnerability detections and
security posture across all systems, ensuring consistent
improvement.
- Support risk management, compliance, and audit activities by
collecting evidence and producing reports to demonstrate security
program effectiveness.
- Serve as a first point of contact for reported vulnerabilities,
triaging issues from internal sources, clients, and external
researchers.
- Conduct architectural and design reviews to identify
vulnerabilities and recommend improvements to the application
security posture.Technical Qualifications:
- 3+ years of experience in application security, software
security engineering, or related roles.
- Hands-on experience with vulnerability management tools (e.g.,
Nessus, Qualys, SonarQube, GitHub scanning).
- Proficiency in integrating security into CI/CD pipelines (e.g.,
Jenkins, GitLab CI, Azure DevOps).
- Demonstrated experience in identifying and technically
qualifying application security vulnerabilities in a full-time
capacity for large-scale web, financial services, or mobile
applications.
- Familiarity with authentication and authorization frameworks
(e.g., SAML, OIDC, OAuth 2.0) and applied cryptography
concepts.
- Ability to read and comprehend application source code (e.g.,
TypeScript, JavaScript, C#, Java, Swift) and identify
vulnerabilities such as command injection and inappropriate
cryptographic usage.
- Effective written and verbal communication skills, with the
ability to raise awareness and coordinate remediation
activities.
- Excellent communication skills, able to translate complex
security concepts for various audiences.
- Strong stakeholder management skills to coordinate with teams
such as DevOps, QA, Product, and core Security.
- Proven ability to lead cross-functional initiatives and drive
results in a matrixed environment.Preferred Skills (Nice-to-Have):
- Relevant certifications (e.g., CISSP, CISM, OSCP).
- Experience with scripting languages (e.g., Python, Bash) for
automation.
- Exposure to compliance frameworks (e.g., SOC2, PCI-DSS,
HIPAA).
- Familiarity with common security frameworks (e.g., OWASP Top
Ten, CWE, ISO 27001, NIST).
- Strong analytical skills to validate and reproduce reported
vulnerabilities through manual testing or
scripting.Education:Bachelor's degree (or related experience) in
Computer Science, Management Information Systems, Cybersecurity, or
a related field. Risepoint is an equal opportunity employer and
supports a diverse and inclusive workforce.Risepoint offers the
following comprehensive benefits:
- 18 days PTO + Winter Shutdown
- 12 designated holidays + 1 floating holiday
- Medical - four options
- Dental
- Vision
- Life & Disability (company paid)
- Flexible Spending Account & Health Savings Account
- Retirement plan with company match
- Maternity / Paternity / Parental Leave (company paid)
- Volunteer Time OffSupplemental Benefits:
- Wellness program
- Alternative medicine options
- Pet discounts
- Accident, Critical Illness and Hospital IndemnityPersonal and
Professional Development:
- Continuous Professional and Leadership Development
Programs
- Tuition Reimbursement for employees and their dependents
- Rewards & Recognition programsRisepoint is an equal-opportunity
employer and supports a diverse and inclusive workforce.
Keywords: Academic Partnerships, Dallas , Senior Applications Security Engineer, Engineering , Dallas, Texas
Didn't find what you're looking for? Search again!
Loading more jobs...