[Remote] Application Security AI Engineer
Note: This is a remote position open to candidates in the USA. RIT Solutions, Inc. is seeking an Application Security AI Engineer to provide unified application security triage and drive AI-enabled security tooling initiatives. The role involves assessing vulnerabilities, implementing security tooling, and enhancing software supply chain security.
Responsibilities
- Provide unified application security triage coverage across SCA, SAST, and DAST findings, including validation of critical and high-risk vulnerabilities
- Perform false positive analysis and exploitability assessment to prioritize remediation efforts
- Provide remediation guidance, escalation support, and handle PatchNow Critical events
- Assess and coordinate responses for threat intelligence escalations and monitor newly disclosed vulnerabilities
- Engineer, test, and implement AI-enabled security tooling, including support for evaluation of new AI capabilities and technical proof-of-value execution
- Strengthen software supply chain security through secure open-source dependency selection, SBOM and component visibility support, and detection of malicious packages
- Assess and improve developer IDE security, including securing plugins/extensions and developer workflows
Skills
- 8-10 years of experience in application security
- Expertise in code scanning methodologies including static scanning (SAST), dynamic scanning (DAST), and open source scanning (SCA)
- Strong background in SCA/SAST/DAST triage, vulnerability management, and threat intelligence
- Hands-on experience with AI-assisted security tooling and AI-enabled security tools, including frontier models and coding assistants
- Working knowledge of prompt and tool orchestration, model evaluation, and AI governance
- Proficiency with scripting and automation, APIs, and CI/CD workflows
- Experience with developer tooling, security platform integrations, IDE security, and package managers
- Capability to detect and assess malicious code in open-source dependencies
- Understanding of software supply chain security best practices