AgileEngine is an Inc. 5000 company that creates award‑winning software for Fortune 500 brands and trailblazing startups across 17+ industries. We rank among the leaders in areas like application development and AI/ML, and our people‑first culture has earned us multiple Best Place to Work awards.

WHY JOIN US
If you're looking for a place to grow, make an impact, and work with people who care, we'd love to meet you!

ABOUT THE ROLE
We are looking for a Senior Application Security Engineer to modernize vulnerability management at scale within a highly regulated financial services environment. You will govern and analyze large vulnerability datasets from tools including Wiz, Checkmarx, and Snyk, build automated triage and remediation workflows using Python and AI‑assisted agents, and embed security intelligence directly into CI/CD pipelines. The role requires deep AppSec tooling expertise, risk‑based prioritization using CVSS and EPSS, and the ability to provide code‑level remediation guidance to Java development teams.

WHAT YOU WILL DO
- Structure, analyze, and govern the massive output of vulnerability data from across the enterprise portfolio, ensuring it is highly contextualized and ready for consumption by developers and automated systems;
- Triage and prioritize vulnerabilities utilizing data‑driven scoring models (CVSS, EPSS) combined with contextual business and infrastructure risk;
- Continuously tune security scanning tools (SAST, DAST, SCA) and data pipelines to eliminate noise and false positives, delivering only high‑confidence alerts;
- Develop AI‑assisted runbooks, custom scripts, and intelligent agent workflows to automate the triage and remediation of high‑frequency vulnerabilities;
- Partner with platform teams to transform manual security review processes into automated, frictionless governance gates embedded directly within the CI/CD pipeline;
- Work directly with software engineers in their native tech stack (Java, Python) to provide specific, code‑level remediation guidance, focusing on minimizing developer friction;
- Conduct application threat modeling and architecture reviews for new features within critical applications;
- Act as a DevSecOps evangelist, actively bridging the gap between stringent security mandates and Agile delivery velocity.

MUST HAVES
- 5+ years of experience in application security, software engineering, or DevSecOps, with at least 2+ years operating within highly regulated enterprise environments (Finance, Healthcare, Defense);
- Proven ability to manage, analyze, and automate large datasets of security vulnerabilities to build intelligent governance and reporting metrics;
- Deep, hands‑on expertise deploying, tuning, and consuming APIs from modern application security testing tools (SAST, DAST, SCA) and CNAPP platforms (e.g. Wiz, Checkmarx, SonarQube, Snyk);
- Strong proficiency in Python (or Go) to build custom scripts, automate vulnerability data triage, and manipulate API data from security tooling;
- High proficiency in reading and reviewing enterprise application code, specifically Java;
- Advanced knowledge of vulnerability scoring systems (CVSS, EPSS) and industry‑standard security frameworks (OWASP Top 10, CWE);
- Practical experience integrating automated security gates into modern CI/CD orchestration tools;
- Upper‑intermediate English level.

NICE TO HAVES
- Experience utilizing LLMs, AI agents, or automated coding assistants to streamline vulnerability triaging, data classification, or remediation code generation;
- Prior experience managing vulnerabilities subject to strict financial compliance standards (PCI‑DSS, SOC2, NYDFS);
- Industry‑recognized application security certifications (e.g., CSSLP, GWAPT, GWEB, CISSP, or CEH);
- Strong familiarity operating within Agile/Scrum delivery models and utilizing Jira for automated backlog management.

PERKS AND BENEFITS
- Professional growth: Accelerate your professional journey with mentorship, TechTalks, and personalized growth roadmaps.
- Competitive compensation: We match your ever‑growing skills, talent, and contributions with competitive USD‑based compensation.
- Exciting projects: Join projects with modern solutions development and top‑tier clients, including Fortune 500 enterprises and leading product brands.
- Flextime: Tailor your schedule for an optimal work‑life balance, with options for remote work and flexible hours.

Application Security Engineer Id67835
AGILEENGINE
Región Centro, Jalisco
Posted 6 days ago