Full Time
Detroit, MI(Remote)
Posted 8 months ago

Application Security Engineer (Remote)
Contract | Remote | Application Security
A leading cybersecurity consulting firm is looking for an experienced Application Security Engineer to join its growing Application Security practice. This role is ideal for someone with strong C#/.NET expertise who thrives in client-facing environments and enjoys digging deep into secure development practices.
What You’ll Do

Remediation Guidance: Work directly with engineering and DevOps teams to validate, prioritize, and support remediation of vulnerabilities from assessments, scans, and bug bounty submissions.

Manual Secure Code Review: Review .NET and enterprise application codebases to identify logic flaws, injection risks, misconfigurations, and other security issues that scanners often miss.

Threat Modeling: Conduct lightweight threat modeling for new application features to uncover architectural risks early in the development lifecycle.

Secure SDLC Enablement: Serve as a trusted security advisor to development teams, driving secure coding practices and embedding security into CI/CD workflows.

Tooling Integration: Assist with the setup and fine-tuning of AppSec tools (SAST, DAST, SCA) and their integration into development pipelines.

What You Bring

Solid experience in C#/.NET Core and Framework development and security

Deep knowledge of secure coding practices , OWASP Top 10, and common vulnerability patterns (CWE)

Hands-on experience with manual code reviews

Familiarity with threat modeling frameworks (STRIDE, LINDDUN, etc.)

Understanding of modern SDLC processes, DevOps culture, and security tooling

Strong communication skills and the ability to work effectively with engineers and security teams

Bonus Points For

Consulting or client-facing security experience

Exposure to penetration testing or red teaming

Experience with cloud-native applications (Azure or AWS), Kubernetes, or container security

Security certifications such as OSWE, CSSLP, GWAPT, eCPTX

Why Apply

Work with highly respected cybersecurity professionals solving real-world challenges

Direct impact with enterprise clients and innovative teams

100% remote work with flexible schedules

Access to top-tier research, ongoing training, and certification support

Opportunity to help shape a growing AppSec service line

Match Made Tech

You must sign in to apply for this position.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Application Security Engineer (REMOTE US or Canada)

Related