Happy Techies is your personal career cheerleader, and we're here to help you get the job you deserve!

Jobs

Job Directory Data Engineer Remote Jobs Data Scientist Remote Jobs AI Engineer Jobs BI Analyst Jobs Power BI Jobs System Administrator Jobs

Resources

Community Perspectives Microsoft Partners Interview Preparation Resume Coaching and Review

Company

About us Contact us

Contact us

info@happytechies.com Dallas, TX

Copyright © 2025HappyTechies. All Rights Reserved

Login Employers

Principal Application Security Engineer

Job TypeFulltime

Skills RequiredAzure

LocationNew York, New York

SalaryNo salary information was found.

Date Posted July 31, 2025

IDEXX Laboratories

IDEXX Laboratories is seeking a Principal Application Security Engineer to influence secure design practices across its product portfolio. This role involves strategic consulting, stakeholder engagement, and the development of security programs to enhance product security.

Job description

IDEXX seeks a Principal Application Security Engineer to guide and influence secure design practices across IDEXX product portfolio. This consultative role partners with development teams to establish security best practices, provide architectural guidance, and enable teams to build secure products from inception. You'll serve as a trusted advisor rather than a hands-on implementer. In this role, you will have the opportunity to shape security culture across IDEXX. This is a high-visibility role influencing product security strategy. You will be engaged with diverse teams and technologies and make an impact on products improving animal health globally. In this role, you will be responsible for... Strategic Security Consulting: • Advising product teams on security architecture decisions and risk trade-offs • Facilitating threat modeling workshops and architecture review sessions • Providing expert guidance on security patterns and anti-patterns and influence security strategy across multiple product lines and teams Security Standards & Governance: • Working with IDEXX GRC team to promote security policies, standards, and guidelines for development teams. • Creating reusable security blueprints and reference architectures. • Establishing security decision frameworks for common architectural patterns and guide teams in interpreting and applying compliance requirements Stakeholder Engagement & Influence: • Consulting with product owners, architects, and engineering leads on security risks. • Presenting security recommendations to technical and business stakeholders and build consensus around security decisions across diverse teams and act as liaison between Information Security and product development Security Program Development • Influencing the Product & Application Security program strategy and initiatives • Designing security awareness programs tailored to different roles • Developing self-service security resources and playbooks • Establishing metrics to measure security program effectiveness What you will need to succeed: • 7-10+ years in security consulting, architecture, or advisory roles with experience in application security and implementing SAST, DAST, SCA, etc. • In depth experience performing application security initiatives, including security assessments, threat modeling, and secure code reviews. • Strong understanding of modern software development practices, cloud computing concepts, and delivery methodologies. • Proficiency in security testing tools such as Synopsys, CodeQL, CSPM, etc. • Experience with security of cloud workloads (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes). • Comfortable working with various methodologies & topologies, including DevOps, DevSecOps, SCRUM/Agile, Waterfall, etc. • Expertise in threat modeling and risk assessment methodologies • Deep knowledge of application security principles and patterns and understanding of enterprise security architecture frameworks • Familiarity with regulatory compliance (SOX, GDPR, HIPAA) • Exceptional written and verbal communication abilities with the ability to translate technical risks into business impact • Proven track record of influencing technical decisions without direct authority with a background in stakeholder management and consensus building • Experience presenting to and advising Principal technical leadership • Experience facilitating workshops and leading architectural discussions • Skills in creating compelling security documentation and presentations It would be a plus if you had some of these things: • Security certifications (CISSP, SABSA, TOGAF) • Experience in healthcare or regulated industries • Track record of developing security programs or frameworks • Public speaking or thought leadership in security Location: while it is preferred that you live near our corporate HQ in the Portland, Maine, we are also open to individuals in the EST time zones. What You Can Expect from Us • Base annual salary target: $150000 to 170000 (yes, we do have flexibility if needed) • Opportunity for annual cash bonus and yearly equity award • Health / Dental / Vision Benefits Day-One • 5% matching 401k • Additional benefits including but not limited to financial support, pet insurance, mental health resources, volunteer paid days off, employee stock program, foundation donation matching, and much more!

Requirements

• 7-10+ years in security consulting, architecture, or advisory roles with experience in application security and implementing SAST, DAST, SCA, etc

• In depth experience performing application security initiatives, including security assessments, threat modeling, and secure code reviews

• Strong understanding of modern software development practices, cloud computing concepts, and delivery methodologies

• Proficiency in security testing tools such as Synopsys, CodeQL, CSPM, etc

• Experience with security of cloud workloads (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes)

• Comfortable working with various methodologies & topologies, including DevOps, DevSecOps, SCRUM/Agile, Waterfall, etc

• Expertise in threat modeling and risk assessment methodologies

• Deep knowledge of application security principles and patterns and understanding of enterprise security architecture frameworks

• Familiarity with regulatory compliance (SOX, GDPR, HIPAA)

• Exceptional written and verbal communication abilities with the ability to translate technical risks into business impact

• Proven track record of influencing technical decisions without direct authority with a background in stakeholder management and consensus building

• Experience presenting to and advising Principal technical leadership

• Experience facilitating workshops and leading architectural discussions

• Skills in creating compelling security documentation and presentations

• Security certifications (CISSP, SABSA, TOGAF)

• Experience in healthcare or regulated industries

• Track record of developing security programs or frameworks

• Public speaking or thought leadership in security

Similar Jobs

Techfellow Limited

Lead Application Security Engineer | Technology-Enriched Investment Firm

New City, New York

Techfellow Limited is seeking a Lead Application Security Engineer to establish a new application security function within a technology-enriched investment firm. This senior role involves shaping and implementing a DevSecOps environment while collaborating with engineering teams to ensure secure software delivery.

CI/CDJenkinsAzure

Cloud Solution Architect - Security

Washington, District of Columbia

Microsoft is seeking a Cloud Solution Architect - Security to drive customer security transformation on Azure and Microsoft 365 platforms. This role involves owning the technical relationship and strategy for security-focused customer engagements.

Application Security Engineer - Remote

_Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must possess a solid understanding of the security and privacy of our company's applications and data. The Application Security Engineer must understand development, coding, security engineering, and secure systems configurations. This position ensures that every step of the software development lifecycle (SDLC) follows security best practices. This involves conducting security assessments with SAST and DAST tools, reading source code, threat modeling, and designing and implementing secure software development practices. They will determine where security vulnerabilities exist and implement fixes. They must understand how an application may be misused and exploited. The Application Security Engineer will collaborate with software development teams and provide guidance on best practices for secure coding. They will also stay up to date on the latest security trends and technologies and integrate them into the organization's security strategy. The ideal candidate will have strong analytical and problem-solving skills, as well as experience in application security and knowledge of programming languages and web technologies. A Bachelor's degree in Computer Science and certifications such as CISSP, OSCP, or CASE are preferred. ESSENTIAL FUNCTIONS Conduct security assessments that require expertise of our organization's applications using both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) methodologies. Collaborate with software development teams to integrate security into the development life cycle. Conduct security assessments of web, mobile, and other applications. Analyze security assessment results to identify security vulnerabilities and provide guidance on remediation. Design and implement secure software development practices, including threat modeling, secure coding standards, and code review. Stay current with security threats, trends, and technologies, and recommend new security controls as needed. Conduct application security investigations and provide recommendations to mitigate risk. Maintain security documentation, provide subject matter expertise, and collaborate on security policies, procedures, and standards. ADDITIONAL RESPONSIBILITIES Performs other duties as assigned. EDUCATION Bachelor's degree in computer science, information security, or a related field EXPERIENCE Five (5) years or more experience with OWASP, SAST, DAST, SCA, RASP and common security tools, required. Seven (7) years or more application security, security engineering, software development, or a related field, required. Five (5) years or more strong understanding of web application security and common attack vectors. (e.g. SQL injection, XSS, CSRF), required. Five (5) years or more experience with secure coding practices, threat modeling, and secure software development life cycle (SDLC) methodologies. required Five (5) years or more proven experience in diagnosing, isolating, resolving complex issues and recommending/implementing strategies to resolve problems, required. Five (5) years or more demonstrated experience with systems integration processes, methodology and tools, required. Seven (7) years or more development and scripting experience, required. Five (5) years or more professional application security role, required. Five (5) years or more experience with API and Web Security, required. Three (3) years or more experience with WAF, or similar application security infrastructure a plus, preferred. Seven (7) years or more experience in integrating security in CI/CD, DevOps, required. Six (6) years or more experience process or operation management Six (6) years or more experience Value Stream Mapping, Continuous Flow, Pull Replenishment and other process improvement experience. SKILLS Excellent communication skills, both verbal and written, and the ability to work effectively with cross-functional teams. Ability to create and maintain professional relationships within all levels of the organization (peers, work groups, customers, supervisors). Ability to work independently and as a member of a team. Flexibility to operate and self-driven to excel in a fast-paced environment. Capable of multi-tasking, highly organized, with excellent time management skills Proficiency in at least one programming language (e.g. Python, .NET, Javascript) with .NET preferred., advanced, required. Proficiency in at least one common scripting language (e.g. PowerShell, bash, etc.), advanced, required. Familiarity of NIST framework, PCI, ISO 27001, SOC, SOX, CCPA, GDPR and global regulations, expert, required. CI/CD experience with Azure Devops, Terraform or other automation and integration technologies, expert, required. Risk management findings, vulnerability prioritization, threat modeling, and mitigation strategy, advanced, required. LICENSES CISSP, OSCP, CASE, or other industry-leading certifications, preferred. TRAVEL 1-10% Applicants from California, Colorado, Hawaii, New Jersey, New York City, and Washington: Salary is determined based on internal equity; internal salary ranges; market data/ranges; applicant’s skills; prior relevant experience; certain degrees or certifications, etc. The salary for this position ranges from $120,000.00 to $150,000.00. Employees may also be eligible to receive an annual bonus, as applicable. Ryder offers comprehensive health and welfare benefits, to include medical, prescription, dental, vision, life insurance and disability insurance options, as well as paid time off for vacation, illness, bereavement, family and parental leave, and a tax advantaged 401(k) retirement savings plan Job Category: Information Security Ryder is proud to be an Equal Opportunity Employer and Drug Free workplace. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability. _Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( Current Employees: If you are a current employee at Ryder (not a Contractor or temporary employee through a staffing agency), please click here ( to log in to Workday to apply using the internal application process. #wd

CI/CDAzureAzure Devops

Application Security Engineer - Remote

_Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must possess a solid understanding of the security and privacy of our company's applications and data. The Application Security Engineer must understand development, coding, security engineering, and secure systems configurations. This position ensures that every step of the software development lifecycle (SDLC) follows security best practices. This involves conducting security assessments with SAST and DAST tools, reading source code, threat modeling, and designing and implementing secure software development practices. They will determine where security vulnerabilities exist and implement fixes. They must understand how an application may be misused and exploited. The Application Security Engineer will collaborate with software development teams and provide guidance on best practices for secure coding. They will also stay up to date on the latest security trends and technologies and integrate them into the organization's security strategy. The ideal candidate will have strong analytical and problem-solving skills, as well as experience in application security and knowledge of programming languages and web technologies. A Bachelor's degree in Computer Science and certifications such as CISSP, OSCP, or CASE are preferred. ESSENTIAL FUNCTIONS Conduct security assessments that require expertise of our organization's applications using both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) methodologies. Collaborate with software development teams to integrate security into the development life cycle. Conduct security assessments of web, mobile, and other applications. Analyze security assessment results to identify security vulnerabilities and provide guidance on remediation. Design and implement secure software development practices, including threat modeling, secure coding standards, and code review. Stay current with security threats, trends, and technologies, and recommend new security controls as needed. Conduct application security investigations and provide recommendations to mitigate risk. Maintain security documentation, provide subject matter expertise, and collaborate on security policies, procedures, and standards. ADDITIONAL RESPONSIBILITIES Performs other duties as assigned. EDUCATION Bachelor's degree in computer science, information security, or a related field EXPERIENCE Five (5) years or more experience with OWASP, SAST, DAST, SCA, RASP and common security tools, required. Seven (7) years or more application security, security engineering, software development, or a related field, required. Five (5) years or more strong understanding of web application security and common attack vectors. (e.g. SQL injection, XSS, CSRF), required. Five (5) years or more experience with secure coding practices, threat modeling, and secure software development life cycle (SDLC) methodologies. required Five (5) years or more proven experience in diagnosing, isolating, resolving complex issues and recommending/implementing strategies to resolve problems, required. Five (5) years or more demonstrated experience with systems integration processes, methodology and tools, required. Seven (7) years or more development and scripting experience, required. Five (5) years or more professional application security role, required. Five (5) years or more experience with API and Web Security, required. Three (3) years or more experience with WAF, or similar application security infrastructure a plus, preferred. Seven (7) years or more experience in integrating security in CI/CD, DevOps, required. Six (6) years or more experience process or operation management Six (6) years or more experience Value Stream Mapping, Continuous Flow, Pull Replenishment and other process improvement experience. SKILLS Excellent communication skills, both verbal and written, and the ability to work effectively with cross-functional teams. Ability to create and maintain professional relationships within all levels of the organization (peers, work groups, customers, supervisors). Ability to work independently and as a member of a team. Flexibility to operate and self-driven to excel in a fast-paced environment. Capable of multi-tasking, highly organized, with excellent time management skills Proficiency in at least one programming language (e.g. Python, .NET, Javascript) with .NET preferred., advanced, required. Proficiency in at least one common scripting language (e.g. PowerShell, bash, etc.), advanced, required. Familiarity of NIST framework, PCI, ISO 27001, SOC, SOX, CCPA, GDPR and global regulations, expert, required. CI/CD experience with Azure Devops, Terraform or other automation and integration technologies, expert, required. Risk management findings, vulnerability prioritization, threat modeling, and mitigation strategy, advanced, required. LICENSES CISSP, OSCP, CASE, or other industry-leading certifications, preferred. TRAVEL 1-10% Applicants from California, Colorado, Hawaii, New Jersey, New York City, and Washington: Salary is determined based on internal equity; internal salary ranges; market data/ranges; applicant’s skills; prior relevant experience; certain degrees or certifications, etc. The salary for this position ranges from $120,000.00 to $150,000.00. Employees may also be eligible to receive an annual bonus, as applicable. Ryder offers comprehensive health and welfare benefits, to include medical, prescription, dental, vision, life insurance and disability insurance options, as well as paid time off for vacation, illness, bereavement, family and parental leave, and a tax advantaged 401(k) retirement savings plan Job Category: Information Security Ryder is proud to be an Equal Opportunity Employer and Drug Free workplace. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability. _Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( Current Employees: If you are a current employee at Ryder (not a Contractor or temporary employee through a staffing agency), please click here ( to log in to Workday to apply using the internal application process. #wd

CI/CDAzureAzure Devops

Cloud Solution Architect - Security

Oregon City, Oregon

Microsoft is seeking a Cloud Solution Architect - Security to drive customer security transformation on Azure and Microsoft 365 platforms. This role involves technical strategy, architecture, and implementation of security solutions for clients worldwide.

Information Security Engineer II - Full-time

St Paul, Minnesota

Lumen is seeking an Information Security Engineer II to manage and secure the enterprise's firewall and VPN operations. This role involves maintaining network security, resolving incidents, and collaborating with internal stakeholders.

Cloud Solution Architect - Security

Sullivan's Island, South Carolina

Microsoft is seeking a Cloud Solution Architect - Security to drive customer security transformation on Azure and Microsoft 365 platforms. This role involves technical relationship management, architecture, and implementation of security solutions.

SIEM & SOAR Analyst - Full-time

Jersey City, New Jersey

MUFG is seeking a highly motivated SIEM and SOAR Analyst to enhance security posture through advanced technology implementation. The role involves managing enterprise log management and security orchestration platforms while collaborating with various stakeholders.

Applied Research Solutions

Information Systems Security Analyst

Beavercreek, Ohio

Applied Research Solutions is seeking an entry-level Information Systems Security Analyst to support security operations and compliance in a hybrid Azure environment. Ideal for candidates with a background in IT support looking to transition into cybersecurity.

American Express Global Business Travel

Director of Application Security - Full-time

Honolulu, Hawaii

American Express Global Business Travel is seeking a Director of Application Security to lead the development of a world-class application security program. This role involves embedding security across the software development lifecycle and managing a global team of security engineers.

CI/CDGitHubJenkins

Techfellow Limited

Lead Application Security Engineer | Technology-Enriched Investment Firm

New City, New York

Techfellow Limited is seeking a Lead Application Security Engineer to establish a new application security function within a technology-enriched investment firm. This senior role involves shaping and implementing a DevSecOps environment while collaborating with engineering teams to ensure secure software delivery.

CI/CDJenkinsAzure

Cloud Solution Architect - Security

Washington, District of Columbia

Microsoft is seeking a Cloud Solution Architect - Security to drive customer security transformation on Azure and Microsoft 365 platforms. This role involves owning the technical relationship and strategy for security-focused customer engagements.

Application Security Engineer - Remote

_Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must possess a solid understanding of the security and privacy of our company's applications and data. The Application Security Engineer must understand development, coding, security engineering, and secure systems configurations. This position ensures that every step of the software development lifecycle (SDLC) follows security best practices. This involves conducting security assessments with SAST and DAST tools, reading source code, threat modeling, and designing and implementing secure software development practices. They will determine where security vulnerabilities exist and implement fixes. They must understand how an application may be misused and exploited. The Application Security Engineer will collaborate with software development teams and provide guidance on best practices for secure coding. They will also stay up to date on the latest security trends and technologies and integrate them into the organization's security strategy. The ideal candidate will have strong analytical and problem-solving skills, as well as experience in application security and knowledge of programming languages and web technologies. A Bachelor's degree in Computer Science and certifications such as CISSP, OSCP, or CASE are preferred. ESSENTIAL FUNCTIONS Conduct security assessments that require expertise of our organization's applications using both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) methodologies. Collaborate with software development teams to integrate security into the development life cycle. Conduct security assessments of web, mobile, and other applications. Analyze security assessment results to identify security vulnerabilities and provide guidance on remediation. Design and implement secure software development practices, including threat modeling, secure coding standards, and code review. Stay current with security threats, trends, and technologies, and recommend new security controls as needed. Conduct application security investigations and provide recommendations to mitigate risk. Maintain security documentation, provide subject matter expertise, and collaborate on security policies, procedures, and standards. ADDITIONAL RESPONSIBILITIES Performs other duties as assigned. EDUCATION Bachelor's degree in computer science, information security, or a related field EXPERIENCE Five (5) years or more experience with OWASP, SAST, DAST, SCA, RASP and common security tools, required. Seven (7) years or more application security, security engineering, software development, or a related field, required. Five (5) years or more strong understanding of web application security and common attack vectors. (e.g. SQL injection, XSS, CSRF), required. Five (5) years or more experience with secure coding practices, threat modeling, and secure software development life cycle (SDLC) methodologies. required Five (5) years or more proven experience in diagnosing, isolating, resolving complex issues and recommending/implementing strategies to resolve problems, required. Five (5) years or more demonstrated experience with systems integration processes, methodology and tools, required. Seven (7) years or more development and scripting experience, required. Five (5) years or more professional application security role, required. Five (5) years or more experience with API and Web Security, required. Three (3) years or more experience with WAF, or similar application security infrastructure a plus, preferred. Seven (7) years or more experience in integrating security in CI/CD, DevOps, required. Six (6) years or more experience process or operation management Six (6) years or more experience Value Stream Mapping, Continuous Flow, Pull Replenishment and other process improvement experience. SKILLS Excellent communication skills, both verbal and written, and the ability to work effectively with cross-functional teams. Ability to create and maintain professional relationships within all levels of the organization (peers, work groups, customers, supervisors). Ability to work independently and as a member of a team. Flexibility to operate and self-driven to excel in a fast-paced environment. Capable of multi-tasking, highly organized, with excellent time management skills Proficiency in at least one programming language (e.g. Python, .NET, Javascript) with .NET preferred., advanced, required. Proficiency in at least one common scripting language (e.g. PowerShell, bash, etc.), advanced, required. Familiarity of NIST framework, PCI, ISO 27001, SOC, SOX, CCPA, GDPR and global regulations, expert, required. CI/CD experience with Azure Devops, Terraform or other automation and integration technologies, expert, required. Risk management findings, vulnerability prioritization, threat modeling, and mitigation strategy, advanced, required. LICENSES CISSP, OSCP, CASE, or other industry-leading certifications, preferred. TRAVEL 1-10% Applicants from California, Colorado, Hawaii, New Jersey, New York City, and Washington: Salary is determined based on internal equity; internal salary ranges; market data/ranges; applicant’s skills; prior relevant experience; certain degrees or certifications, etc. The salary for this position ranges from $120,000.00 to $150,000.00. Employees may also be eligible to receive an annual bonus, as applicable. Ryder offers comprehensive health and welfare benefits, to include medical, prescription, dental, vision, life insurance and disability insurance options, as well as paid time off for vacation, illness, bereavement, family and parental leave, and a tax advantaged 401(k) retirement savings plan Job Category: Information Security Ryder is proud to be an Equal Opportunity Employer and Drug Free workplace. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability. _Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( Current Employees: If you are a current employee at Ryder (not a Contractor or temporary employee through a staffing agency), please click here ( to log in to Workday to apply using the internal application process. #wd

CI/CDAzureAzure Devops

Application Security Engineer - Remote

_Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( SUMMARY We seek a highly motivated and experienced Application Security Engineer to join our growing security team. This role is highly technical and candidates must possess a solid understanding of the security and privacy of our company's applications and data. The Application Security Engineer must understand development, coding, security engineering, and secure systems configurations. This position ensures that every step of the software development lifecycle (SDLC) follows security best practices. This involves conducting security assessments with SAST and DAST tools, reading source code, threat modeling, and designing and implementing secure software development practices. They will determine where security vulnerabilities exist and implement fixes. They must understand how an application may be misused and exploited. The Application Security Engineer will collaborate with software development teams and provide guidance on best practices for secure coding. They will also stay up to date on the latest security trends and technologies and integrate them into the organization's security strategy. The ideal candidate will have strong analytical and problem-solving skills, as well as experience in application security and knowledge of programming languages and web technologies. A Bachelor's degree in Computer Science and certifications such as CISSP, OSCP, or CASE are preferred. ESSENTIAL FUNCTIONS Conduct security assessments that require expertise of our organization's applications using both Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) methodologies. Collaborate with software development teams to integrate security into the development life cycle. Conduct security assessments of web, mobile, and other applications. Analyze security assessment results to identify security vulnerabilities and provide guidance on remediation. Design and implement secure software development practices, including threat modeling, secure coding standards, and code review. Stay current with security threats, trends, and technologies, and recommend new security controls as needed. Conduct application security investigations and provide recommendations to mitigate risk. Maintain security documentation, provide subject matter expertise, and collaborate on security policies, procedures, and standards. ADDITIONAL RESPONSIBILITIES Performs other duties as assigned. EDUCATION Bachelor's degree in computer science, information security, or a related field EXPERIENCE Five (5) years or more experience with OWASP, SAST, DAST, SCA, RASP and common security tools, required. Seven (7) years or more application security, security engineering, software development, or a related field, required. Five (5) years or more strong understanding of web application security and common attack vectors. (e.g. SQL injection, XSS, CSRF), required. Five (5) years or more experience with secure coding practices, threat modeling, and secure software development life cycle (SDLC) methodologies. required Five (5) years or more proven experience in diagnosing, isolating, resolving complex issues and recommending/implementing strategies to resolve problems, required. Five (5) years or more demonstrated experience with systems integration processes, methodology and tools, required. Seven (7) years or more development and scripting experience, required. Five (5) years or more professional application security role, required. Five (5) years or more experience with API and Web Security, required. Three (3) years or more experience with WAF, or similar application security infrastructure a plus, preferred. Seven (7) years or more experience in integrating security in CI/CD, DevOps, required. Six (6) years or more experience process or operation management Six (6) years or more experience Value Stream Mapping, Continuous Flow, Pull Replenishment and other process improvement experience. SKILLS Excellent communication skills, both verbal and written, and the ability to work effectively with cross-functional teams. Ability to create and maintain professional relationships within all levels of the organization (peers, work groups, customers, supervisors). Ability to work independently and as a member of a team. Flexibility to operate and self-driven to excel in a fast-paced environment. Capable of multi-tasking, highly organized, with excellent time management skills Proficiency in at least one programming language (e.g. Python, .NET, Javascript) with .NET preferred., advanced, required. Proficiency in at least one common scripting language (e.g. PowerShell, bash, etc.), advanced, required. Familiarity of NIST framework, PCI, ISO 27001, SOC, SOX, CCPA, GDPR and global regulations, expert, required. CI/CD experience with Azure Devops, Terraform or other automation and integration technologies, expert, required. Risk management findings, vulnerability prioritization, threat modeling, and mitigation strategy, advanced, required. LICENSES CISSP, OSCP, CASE, or other industry-leading certifications, preferred. TRAVEL 1-10% Applicants from California, Colorado, Hawaii, New Jersey, New York City, and Washington: Salary is determined based on internal equity; internal salary ranges; market data/ranges; applicant’s skills; prior relevant experience; certain degrees or certifications, etc. The salary for this position ranges from $120,000.00 to $150,000.00. Employees may also be eligible to receive an annual bonus, as applicable. Ryder offers comprehensive health and welfare benefits, to include medical, prescription, dental, vision, life insurance and disability insurance options, as well as paid time off for vacation, illness, bereavement, family and parental leave, and a tax advantaged 401(k) retirement savings plan Job Category: Information Security Ryder is proud to be an Equal Opportunity Employer and Drug Free workplace. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, among other things, or status as a qualified individual with disability. _Job Seekers can review the Job Applicant Privacy Policy by clicking HERE. ( Current Employees: If you are a current employee at Ryder (not a Contractor or temporary employee through a staffing agency), please click here ( to log in to Workday to apply using the internal application process. #wd

CI/CDAzureAzure Devops

Cloud Solution Architect - Security

Oregon City, Oregon

Microsoft is seeking a Cloud Solution Architect - Security to drive customer security transformation on Azure and Microsoft 365 platforms. This role involves technical strategy, architecture, and implementation of security solutions for clients worldwide.

Information Security Engineer II - Full-time

St Paul, Minnesota

Lumen is seeking an Information Security Engineer II to manage and secure the enterprise's firewall and VPN operations. This role involves maintaining network security, resolving incidents, and collaborating with internal stakeholders.

Cloud Solution Architect - Security

Sullivan's Island, South Carolina

Microsoft is seeking a Cloud Solution Architect - Security to drive customer security transformation on Azure and Microsoft 365 platforms. This role involves technical relationship management, architecture, and implementation of security solutions.

SIEM & SOAR Analyst - Full-time

Jersey City, New Jersey

MUFG is seeking a highly motivated SIEM and SOAR Analyst to enhance security posture through advanced technology implementation. The role involves managing enterprise log management and security orchestration platforms while collaborating with various stakeholders.

Applied Research Solutions

Information Systems Security Analyst

Beavercreek, Ohio

Applied Research Solutions is seeking an entry-level Information Systems Security Analyst to support security operations and compliance in a hybrid Azure environment. Ideal for candidates with a background in IT support looking to transition into cybersecurity.

American Express Global Business Travel

Director of Application Security - Full-time

Honolulu, Hawaii

American Express Global Business Travel is seeking a Director of Application Security to lead the development of a world-class application security program. This role involves embedding security across the software development lifecycle and managing a global team of security engineers.

CI/CDGitHubJenkins

Techfellow Limited

Lead Application Security Engineer | Technology-Enriched Investment Firm

New City, New York

Techfellow Limited is seeking a Lead Application Security Engineer to establish a new application security function within a technology-enriched investment firm. This senior role involves shaping and implementing a DevSecOps environment while collaborating with engineering teams to ensure secure software delivery.

CI/CDJenkinsAzure

Cloud Solution Architect - Security

Washington, District of Columbia

Microsoft is seeking a Cloud Solution Architect - Security to drive customer security transformation on Azure and Microsoft 365 platforms. This role involves owning the technical relationship and strategy for security-focused customer engagements.

Job TypeFulltime

Skills RequiredAzure

LocationNew York, New York

SalaryNo salary information was found.

Date Posted July 31, 2025

IDEXX Laboratories

IDEXX Laboratories is seeking a Principal Application Security Engineer to influence secure design practices across its product portfolio. This role involves strategic consulting, stakeholder engagement, and the development of security programs to enhance product security.