Application Security Engineer

We are looking for an Application Security Engineer to strengthen secure software delivery and partner closely with engineering teams in Reading, Pennsylvania. This role focuses on embedding security throughout the software lifecycle, from architecture and development through deployment and ongoing operations. The ideal candidate brings deep application security expertise, a collaborative mindset, and the ability to translate security requirements into practical engineering guidance.

Responsibilities:

• Partner with software engineering and cybersecurity teams to build security into application design, coding practices, release processes, and production support.
• Perform in-depth security evaluations through code analysis, threat modeling, penetration testing, and vulnerability assessments to uncover and prioritize risk.
• Establish and uphold secure development standards, reusable patterns, and technical guidance that improve consistency across teams.
• Administer and enhance security controls within CI/CD workflows, including code scanning, infrastructure-as-code checks, and container security tooling.
• Contribute to architecture assessments for cloud-based systems, microservices, and containerized applications to ensure resilient and secure designs.
• Evaluate application risks and support formal security reviews to guide mitigation planning and informed technical decisions.
• Verify that application security activities align with applicable compliance obligations and recognized industry frameworks.
• Create and deliver training sessions that help developers strengthen secure coding habits and increase security awareness.
• Track emerging attack techniques and threat intelligence, then apply those insights to improve preventive and detective controls.
• Support the monitoring, investigation, and remediation of application security issues, while coordinating effectively with external vendors and consultants as needed.