[Remote] Senior Application Security Engineer
Note: The job is a remote job and is open to candidates in USA. PTR Global is a leading financial services organization seeking an Application Security AI Engineer. This role involves application security engineering, AI-enabled security tooling, software supply chain security, and vulnerability management to protect enterprise applications and developer ecosystems.
Responsibilities
- Provide application security triage across SCA, SAST, and DAST findings
- Validate critical and high-risk vulnerabilities through exploitability analysis and false-positive review
- Deliver remediation guidance and partner with development teams through issue resolution
- Support threat intelligence escalations and critical patch events, including impact assessment, coordination, tracking, and closure
- Research newly disclosed vulnerabilities and emerging threats, producing actionable remediation recommendations
- Evaluate, test, and implement AI-powered application security tools that improve vulnerability detection, triage, and remediation workflows
- Support the evaluation and adoption of AI security capabilities through proof-of-value testing, governance reviews, and security validation
- Strengthen software supply chain security by securing open-source dependencies, SBOM visibility, malicious package detection, and dependency governance
- Improve the security of developer environments, including IDEs, plugins, package managers, coding assistants, and CI/CD integrations
- Automate security workflows using scripting, APIs, and security platform integrations
Skills
- 3+ years of experience with Static Application Security Testing (SAST)
- 3+ years of experience with Dynamic Application Security Testing (DAST)
- 3+ years of experience with Software Composition Analysis (SCA) and open-source dependency scanning
- Experience managing high-severity application security findings from identification through remediation
- Experience with scripting, automation, APIs, CI/CD pipelines, or security platform integrations
- Familiarity with AI-enabled security tools, coding assistants, frontier models, prompt engineering, or AI governance processes
- Experience securing software supply chains, open-source dependencies, developer tooling, and CI/CD environments
- Strong understanding of application security principles and secure software development practices
- Excellent analytical, communication, and collaboration skills
- 3+ years of Code Scanning experience
- 3+ years of Open Source (SCA) Scanning experience
- 3+ years of Static and Dynamic Application Security Scanning (SAST/DAST)
- Application Security
- Vulnerability Management
- Security Automation
- AI-assisted vulnerability management
- Software supply chain security
- SBOM management
- Threat intelligence
- DevSecOps
- Security automation
- Cloud security
- Vulnerability management platforms
Company Overview