Application Security Engineer

Deploy, configure, and operate controls across WAF, API security, bot/DDoS mitigation, identity/MFA, egress/DLP/SSL inspection, and SaaS security posture management (SSPM). Triage and remediate application and SaaS vulnerabilities/misconfigurations, drive hardening and exception governance. Build and maintain security standards, procedures, and baseline policies for internet-facing services; review and approve exceptions. Integrate security checks and guardrails into CI/CD and change processes; ensure inventory/CMDB accuracy for protected services. Develop and publish operational dashboards and metrics; clearly communicate status, risks, and recommendations to stakeholders. Collaborate with engineering and vendors to troubleshoot complex issues and deliver durable fixes. Continuously monitor and respond to security incidents, perform root cause analysis, and implement corrective actions. Secure and monitor data egress to prevent unauthorized data movement; promote secure data handling practices with developers and DevOps. Support internal/external audits and assessments; close findings with monitored sustainable controls. Bachelor's or Master's degree in Computer Science, Cybersecurity, or related field. 7+ years' experience in Application/SaaS Security or related security engineering roles, operating WAF, identity/MFA, egress/DLP, and SSPM at scale. Web and API security expertise (OWASP Top 10/API, policy baselines, logging/monitoring, bot/DDoS mitigation). Identity and access security for admin surfaces; familiarity with IGA/PAM and time‑bound elevation models. Ability to analyze application assets and enrich CMDB SaaS security posture (SSPM) operations and remediation workflows. Scripting/automation (e.g., Python/PowerShell) and CI/CD integration. Strong analytical, documentation, and cross‑functional communication abilities. Industry certifications such as CISSP, CCSP/CCSK, GIAC (GWEB/GCSA), or cloud security certifications (e.g., AWS Security Specialty, Azure Security Engineer). Experience with enterprise platforms (e.g., Akamai/F5 WAF, CyberArk EPM/PAM, leading IdPs, ServiceNow CMDB, and dashboarding such as Power BI). Experience with CASB tools and other similar platforms Familiarity with AI/ML security, including MLSecOps and LLMs. May lead functional teams or projects with moderate resource requirements, risk, and/or complexity Communicates difficult concepts and negotiates with others to adopt a different point of view When required, act as a good mentor and train junior engineers appropriately