Senior AppSec Engineer

One of our top financial customers is seeking a Senior Application Security Engineer to join our Cyber Defense Engineering team, supporting and advancing enterprise application security initiatives. This role sits at the intersection of AppSec, DevOps, and software development, with ownership over a centralized application security platform and dashboard used by engineering, security, and executive leadership.

You will enhance and expand integrations across application security tools, translate findings into actionable insights for developers, and help mature our DevSecOps workflows. The ideal candidate brings strong hands on engineering skills, secure coding experience, and the ability to operate independently while collaborating closely across teams.

Key Responsibilities
- Own and enhance a centralized application security dashboard and integration platform
- Integrate and maintain AppSec tooling, including SAST, SCA, secrets detection, and container security
- Deliver security findings to developers and business owners through efficient, actionable workflows
- Bridge the gap between security signal and remediation for engineering teams
- Identify gaps in DevOps and application security processes and propose scalable solutions
- Conduct secure code reviews and contribute to internal security product development
- Provide expert troubleshooting across application security and related tooling
- Advise teams on application security best practices and secure development standards
- Participate in product planning, implementation, and backlog decomposition
- Mentor junior engineers and contribute to shared engineering practices
- Participate in an on call rotation as needed

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

- 7+ years professional software development experience
- 3+ years hands on Application Security or DevSecOps experience within development teams
- Strong front end development expertise with TypeScript/JavaScript, serving as primary UI owner
- React or comparable modern front end framework
required (Angular, Vue.js, Svelte)
- Exp. building data rich dashboards/internal platforms
- Backend development experience in Python (Java a plus) to support APIs, integrations, and data workflows
- Proven custom development background (beyond platform configuration)
- Experience translating security requirements into application and DevOps workflows
- Hands on experience with application security practices and tooling, including static code analysis, vulnerability management, and security operations
- Experience building or enhancing centralized dashboards aggregating data from multiple security or engineering tools
- Deep experience with CI/CD pipelines and Git based workflows
- Git, GitHub Actions, GitHub Workflows, GitOps
- Hands on experience with containerized applications, including:
- Docker/Docker Compose
- Kubernetes deployment YAML
- Infrastructure as Code (Terraform)
- Experience with SQL and/or NoSQL data stores (PostgreSQL preferred)
- Strong knowledge of secure SDLC practices, including code reviews and resiliency testing
- Ability to operate as a senior technical owner and escalation point across teams
- Excellent communication skills, including presenting dashboard designs and security insights to senior stakeholders (up to CISO level)
- Bachelor’s degree in Computer Science or related field (or equivalent experience)

- Experience in financial services, government, or other regulated environments
- Strong AWS experience (primary environment), including CI/CD, containers, and cloud native patterns (Lambda a plus)
- Experience with AppSec tools such as Snyk, GitGuardian, or Wiz
- End to end ownership of an internal dashboard or platform (UI, backend services, ingestion)
- Experience scaling dashboards for multiple data sources and future growth
- Exposure to Azure (this is much smaller and secondary cloud environment for enterprise)
- Experience operating in a shift left DevSecOps model
- Familiarity with product operating models and agile delivery
- Strong systems design background focused on security, resiliency, and stability
- Interest in serving as a technical or thought leader in AppSec or DevOps security

Benefit packages for this role will start on the 1st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.