Job Summary:

mPulse is seeking an experienced Application Security Engineer to join our Cybersecurity and Engineering team. This position plays a key role in designing, implementing, and maintaining secure architectures within our SaaS platform. The ideal candidate will embed security best practices throughout the software development lifecycle (SDLC), automate security processes, and collaborate with cross-functional teams to safeguard our cloud-native applications.

Duties/Responsibilities:

• Design and enforce secure coding standards aligned with OWASP and industry best practices for mPulse SaaS applications.
• Integrate SAST, DAST, and SCA tools into CI/CD pipelines to enable continuous security testing.
• Perform threat modeling, code reviews, and penetration testing to detect and mitigate vulnerabilities in applications and APIs.
• Develop and automate security controls for cloud environments (AWS, GCP, or Azure) and containerized workloads (Docker, Kubernetes).
• Collaborate with Software Engineering, DevOps, and Product teams to remediate findings and promote a DevSecOps culture.
• Stay informed of emerging security threats and apply innovative security solutions to strengthen SaaS architectures.
• Contribute to security documentation, training, and awareness programs to enhance organizational security posture.
• Participate in incident response and post-mortem reviews to drive security improvements.

Skills/Abilities/Experience:

• Deep understanding of secure SDLC and OWASP Top 10 principles.
• Ability to identify, analyze, and mitigate complex application vulnerabilities.
• Strong problem-solving, analytical, and troubleshooting skills.
• Effective communication and collaboration across technical and non-technical teams.
• Proactive learner who stays current with evolving cybersecurity threats, trends, and technologies.
• Self-motivated and able to thrive in a remote, fast-paced environment.

Minimum Qualifications:

• Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
• 3–5+ years of experience in application security, secure development, or related technical security roles.
• Strong proficiency in Java, Python, React, or equivalent languages with emphasis on secure coding practices.
• Experience securing cloud environments (AWS, GCP, or Azure) and SaaS applications.
• Familiarity with tools such as Snyk, Checkmarx, OWASP ZAP, Burp Suite, or similar.
• Knowledge of CI/CD processes, microservices, and API security (OAuth 2.0, JWT).
• Experience with container security (Docker, Kubernetes) and DevSecOps frameworks
• Professional certifications such as CSSLP, OSCP, CEH, or AWS Security Specialty are a strong plus

Physical Requirements:

• Ability to stand and sit for extended period of time.
• Ability to lift 10 lbs. weight.