Application Security Engineer at OpenGov

📋 Description

• Embed security into CI/CD pipelines with scalable guardrails and automated checks.
• Drive secure coding practices across engineering teams via tooling and guidance.
• Lead threat modeling for high-risk features and architectures.
• Own and tune AppSec tooling: SAST, DAST, SCA, secrets scanning, container scanning.
• Partner with DevOps to ensure automated testing integrates into build, test, deploy workflows.
• Evaluate emerging technologies to strengthen AppSec capabilities.

🎯 Requirements

• 5+ years in application security, secure development, or software engineering.
• Hands-on with SAST, DAST, SCA, secrets scanning, container scanning, and CI/CD.
• OWASP Top 10, ASVS, CWE Top 25, and secure coding principles.
• Threat modeling, code review, and architecture analysis.
• Experience partnering with Engineering to drive remediation.
• Preferred: AWS, SaaS, GovRAMP, TX-RAMP familiarity.

🎁 Benefits

• Comprehensive healthcare options for individuals and families
• Flexible vacation policy and paid company holidays
• 401(k) with company match
• Paid parental leave, wellness stipends, and HSA contributions
• Professional development and growth opportunities
• A collaborative office environment with weekly catered lunches