Jobs · Information Technology · Texas

Staff Application Security Engineer

Epsilon · Irving, TX · 2 days ago
HybridInformation Technology$100k/yrFull-time

About the role

The Security Engineer plays a critical role in strengthening the security of Epsilon’s software applications by embedding security into the development lifecycle and advancing AI-enabled engineering practices.

Responsibilities

  • Provide oversight and strategic direction for Epsilon’s application security platforms, ensuring they are effectively configured, adopted, and used by Product and Engineering teams (Veracode, SonarQube, Wiz experience is a plus).
  • Guide and review the analysis of application security findings, working with embedded Security Champions and engineering teams to interpret results, prioritize risk, and recommend remediation strategies.
  • Partner closely with Product, Engineering, and embedded Security Champions to ensure application security expectations are understood, consistently applied, and aligned with Epsilon’s security policies and standards.
  • Integrate AI into Application Security to Enable Secure-by-Design Engineering
  • Drive the adoption of AI-enabled development practices that embed application security directly into the software development lifecycle. Guide teams in using AI tools to generate, review, and remediate code securely, ensuring outputs are governed, validated, and aligned with enterprise security standards.
  • Expand application security beyond traditional tooling by positioning AI as a scalable mechanism to improve security coverage, consistency, and engineering productivity.
  • Serve as a trusted advisor to engineering teams by providing clear guidance, risk context, and actionable recommendations—translating complex security risks and requirements into practical, business-relevant decisions rather than executing security testing directly.
  • Communicate with confidence and clarity across technical and non-technical audiences, effectively influencing outcomes by articulating security risks, tradeoffs, and recommendations in a way that drives understanding and action.
  • Produce and deliver monthly KPI-based reporting that highlights trends, risk posture, adoption metrics, and actionable insights for both technical stakeholders and executive leadership.
  • Educate, coach, and enable development teams and embedded Security Champions on secure coding expectations, application security platforms, and Epsilon security policies.
  • Drive the onboarding of new teams and applications into application security platforms, ensuring consistent implementation, accountability, and long-term adoption.
  • Build and maintain strong, trust-based relationships across Product, Engineering, and Security to influence outcomes, reinforce shared ownership, and continuously mature application security practices.

Qualifications

  • Ability to Influence and Collaborate
  • Analytical and Problem-Solving Skills
  • Organizational Discipline
  • Educational Background
  • Absolutely Required: Bachelor’s or Master’s Degree in Computer Science or Related Field & At Least 5 Years of Hands-On Experience in Application Security or Cybersecurity
  • Experience with Application Testing (e.g., SAST, DAST, MAST, RAST, IAST)
  • Direct Experience in Application Vulnerability Management Processes
  • Strong Understanding of Threat Modeling
  • Technology Proficiency
  • Effective Use of AI to Enhance Engineering Productivity
  • Scripting and Infrastructure Experience
  • Strong Knowledge of Bash Scripting and Tools Like Ansible and Terraform
  • Developer Mindset
  • Prior Experience as a Software Developer and Familiarity with Cybersecurity Concepts

Similar jobs