Application Security Engineer
Listed on 2026-02-08
IT/Tech
Cybersecurity
Job Description Summary
For over forty years, HarbourVest has been home to a committed team of professionals with an entrepreneurial spirit and a desire to deliver impactful solutions to our clients and investing partners. As our global firm grows, we continue to add individuals who seek a collaborative, open-door culture that values diversity and innovative thinking.
In our collegial environment that’s marked by low turnover and high energy, you’ll be inspired to grow and thrive. Here, you will be encouraged to build on your strengths and acquire new skills and experiences.
We are committed to fostering an environment of inclusion that promotes mutual respect among all employees. Understanding and valuing these differences optimizes the potential of both the individual and the firm.
HarbourVest is an equal opportunity employer.
This position will be a hybrid work arrangement. You will receive 18 remote workdays per quarter to use at your discretion, subject to manager approval. For example, you may choose to work in the office 4 days per week and take one remote day weekly (typically 13 weeks per quarter), leaving 5 additional remote days to be used as needed.
Responsibilities
As a key member of the Security Engineering team, help lead HarbourVest’s Application Security program. The Application Security Engineer (ASE) will serve in a multi-functional role, advising development teams on secure coding and accepted industry procedures. The ASE is responsible for leading SDLC initiatives that include secure code reviews, architecture assessments, and application scanning methods. They will provide end-to-end leadership for application security, working closely within platform teams to advocate for and enhance a strong program focused on application security.
In this role, they will help uphold and continuously improve HarbourVest’s high security standards across infrastructure, applications, and operational processes.
Identify risks and areas of exposure in applications, SDLC processes, and architecture
Define guardrails, standards, and secure usage patterns for agentic AI–based coding tools, enabling engineering teams to adopt them safely while managing data exposure, code quality, and security risk
Perform secure build reviews, threat modeling, and application security testing (SAST, DAST, SCA)
Identify, assess, and support remediation of vulnerabilities in web applications and APIs
Partner with engineering teams to promote secure coding standards utilizing CI/CD pipelines and DevSecOps practices
Support audits, regulatory exams, penetration tests, and security incident response
Secure and continuously monitor third-party SaaS applications using SSPM tools, ensuring configurations, access controls, and integrations meet HarbourVest security standards
Establish metrics and reporting to track coverage and effectiveness of security processes
Enable developers through secure coding guidance, training, and tooling
And other responsibilities as required!
Solid understanding of application security principles and OWASP Top 10 risks
Experience securing web applications, APIs, and microservices in financial environments
Hands-on experience with AI-assisted coding tools such as Cursor, GitHub Copilot, and ChatGPT Codex, with an understanding of their security implications in enterprise software development
Proficiency reviewing code in at least one common language (Java, Python, C#, or JavaScript)
Familiarity with cloud platforms, containers, IaaC, and modern DevSecOps tooling
Ability to clearly communicate technical risk to both technical and non-technical collaborators
Education Preferred:
Bachelor’s degree or equivalent experience in Computer Science, Information Security, or a related field
Security certifications such as CISSP, CSSLP, OSCP, GWAPT, or similar are a plus
Experience:
3-5 years of experience in application security or secure software development
Experience working in controlled sectors such as finance, banking, or fintech
Exposure to compliance frameworks (e.g., SOC 2, SOX, PCI DSS, GDPR)
Salary Range
$ - $
This USD base salary range represents only one component of total compensation for this role and is provided in accordance with local requirements. This role is eligible for a discretionary annual bonus, which is determined based on individual and overall firm performance. In addition to salary and bonus, total compensation may include eligibility for long-term reward programs and a comprehensive total rewards package that may include retirement, health, insurance, paid time off, and wellness programs.
Our total rewards offerings are influenced by several business factors, and eligibility for certain components will vary by position and geography. Please note the posted ranges do not apply outside the U.S. and should not be converted to other currencies as a proxy for compensation in other countries.