The Role
Design and implement automated security layers within the SDLC, build AI-enabled secure code scanning, integrate and tune SAST/DAST/SCA into CI/CD pipelines, provide code-level remediation for Java/Python applications, and create automated security runbooks.
Summary Generated by Built In
AgileEngine is an Inc. 5000 company that creates award-winning software for Fortune 500 brands and trailblazing startups across 17+ industries. We rank among the leaders in areas like application development and AI/ML, and our people-first culture has earned us multiple Best Place to Work awards.
WHY JOIN US
If you're looking for a place to grow, make an impact, and work with people who care, we'd love to meet you!
ABOUT THE ROLE
We are looking for a Senior Application Security Engineer to architect and build automated security layers within the SDLC, engineering AI-enabled secure code scanning, hardened baseline automation, and CI/CD security tooling integration across a large-scale financial services program. You will work in Python and Java to deploy and tune SAST, DAST, and SCA tools, provide code-level remediation guidance to development teams, and operate with full autonomy building automated security runbooks. The role requires 6+ years of software engineering experience with a strong AppSec and DevSecOps focus.
WHAT YOU WILL DO
- Engineer and deploy AI-enabled secure code scanning capabilities and Golden Images to drive secure-from-the-start adoption;
- Automate the development of secure coding patterns and integrate them with traditional and Agentic SDLC workflows;
- Architect the integration of continuous security scanning tools (SAST, DAST, SCA) into enterprise CI/CD pipelines, tuning them to eliminate noise;
- Act as a senior technical SME, reading and reviewing complex application code (Java/Python) to provide software engineers with highly specific, code-level remediation guidance.
MUST HAVES
- 6+ years of software engineering experience with a strong subsequent focus on Application Security and DevSecOps;
- Strong coding and architectural proficiency in Python (for security automation and scripting) and/or Java (to confidently read, review, and secure enterprise source code);
- Deep, hands-on expertise deploying and tuning modern application security testing tools (SAST, DAST, SCA) and integrating them into complex CI/CD orchestration ecosystems;
- Fully autonomous execution capability, requiring no daily supervision to map out and build automated security runbooks;
- Upper-intermediate English level.
NICE TO HAVES
- Experience integrating LLMs, AI agents, or automated coding assistants to streamline vulnerability triaging or secure code generation;
- Advanced application threat modeling experience.
PERKS AND BENEFITS
- Professional growth: Mentorship, TechTalks, and personalized growth roadmaps.
- Competitive compensation: USD-based pay with education, fitness, and team activity budgets.
- Exciting projects: Modern solutions with Fortune 500 and top product companies.
- Flextime: Flexible schedule with remote and office options.
Meet Our Recruitment Process
Application → Coding Challenge → Video Interview → Technical Interview or Hiring Manager Interview
Each step helps us understand your skills and overall fit.
If it’s a match, you’ll receive an offer.
Skills Required
- 6+ years of software engineering experience with a strong focus on Application Security and DevSecOps
- Strong coding and architectural proficiency in Python and/or Java
- Deep hands-on expertise deploying and tuning SAST, DAST, and SCA tools and integrating them into CI/CD pipelines
- Ability to execute fully autonomously to design and build automated security runbooks
- Upper-intermediate English
- Experience integrating LLMs, AI agents, or automated coding assistants to streamline vulnerability triaging or secure code generation
- Advanced application threat modeling experience
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
AgileEngine is a privately held company established in 2010 that builds dedicated teams of designers and developers. We turn good ideas into awesome software that people actually want to use. Some of the biggest names and the hottest startups around the world chose us to build their tech.








