Senior Security Assessment Engineer

The Senior Security Assessment Engineer will play a critical role in evaluating the security posture of applications developed across all areas of the technology organization, including those sourced from external vendors. This role is designed for a seasoned security professional who can lead comprehensive assessments, identify risks, and recommend mitigation strategies. This role requires a forward-thinking approach to security assessments, incorporating AI to improve speed, accuracy, and scalability.

• Conduct security assessments of internally developed and third-party applications across the enterprise.
• Collaborate with engineering, product, and vendor teams to understand application architecture and identify potential security risks.
• Develop and maintain standardized assessment frameworks and methodologies tailored to various application types and deployment models.
• Develop AI tools and techniques to automate and streamline security assessments, including compliance and policy enforcement, threat modeling, and supply chain security evaluation.
• Document findings and provide actionable recommendations to improve application security posture.
• Track remediation efforts and validate fixes to ensure risk reduction.
• Contribute to the development of secure design patterns and reusable security components.
• Stay current with emerging threats, vulnerabilities, and AI-driven security innovations.

• Bachelor’s or master’s degree in computer science, cybersecurity, or a related field or equivalent experience required.
• 8+ years of experience in cybersecurity, including hands-on assessment and remediation.
• Strong understanding of secure software development practices, threat modeling, and vulnerability management.
• Experience with security assessment tools and platforms, including AI-enhanced solutions.
• Familiarity with cloud-native architectures, APIs, and modern development frameworks.
• Excellent communication skills and ability to influence cross-functional teams.
• Certifications such as CISSP, OSCP, or CSSLP are a plus.