×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Application Security Engineer II - Cyber Defense

Job in Irvine, Orange County, California, 92713, USA
Listing for: Hyundai Autoever America
Full Time position
Listed on 2026-02-23
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 120000 - 170000 USD Yearly USD 120000.00 170000.00 YEAR
Job Description & How to Apply Below
Position: 10873 - Application Security Engineer II - Cyber Defense

Cyber Defense, Application Security Engineer II Location – Irvine, CA

Company Overview Hyundai Auto Ever America (HAEA), the dynamic IT powerhouse behind Hyundai Motor Corporation, a Fortune 500 global leader in the automotive industry. As a key affiliate, we provide cutting‑edge IT services and support to top brands including Kia, Genesis, Hyundai Translead, Hyundai Mobis, Hyundai Capital, and Glovis. HAEA offers a truly global and collaborative environment. Here, you’ll drive innovation, boost operational efficiency, and help shape the future of mobility for the Hyundai Motor Group.

At HAEA, we understand that IT is the cornerstone of today’s fast‑evolving digital world. By uniting all IT resources under one roof, we deliver consistent, top‑quality solutions while serving as the crucial information link between Hyundai’s Global Headquarters and North American operations. If you’re passionate about technology and eager to make a real impact at a world‑class company, Hyundai Auto Ever America is the place to grow your career.

Join us and be part of the transformation that’s driving the future of automotive innovation.

What You Will Be Doing

The Application Security Engineer II plays a key role in strengthening application security across the software development lifecycle. This role sits within the Cyber Defense organization and is responsible for defining and documenting Secure SDLC requirements, developing and managing a hardened cloud container image repository, and embedding automated security testing into CI/CD pipelines. The role requires hands‑on technical capability combined with the ability to define standards, influence development teams, and ensure vulnerabilities are identified and remediated before final build and release, in alignment with agreed remediation timelines.

The key responsibilities of this role are as described below:

Secure SDLC Requirements & Standards
  • Define, document, and maintain Secure SDLC policies, standards, and procedures covering:
    • Secure design and coding expectations
    • Security testing requirements
    • Build, release, and deployment security controls
  • Partner with Engineering, Platform, and App Dev teams to ensure Secure SDLC requirements are:
    • Practical and scalable
    • Integrated into existing development workflows
    • Clearly communicated and understood
  • Utilizing the standardized Risk Operation processes, support governance activities, including reviews, exceptions, and continuous improvement of SDLC security requirements.
Container Security & Hardened Images
  • Develop, manage, and maintain a hardened cloud container image repository for application workloads.
  • Define baseline security requirements for container images, including:
    • Base image selection and hardening
    • Patch and dependency management
    • Runtime security considerations
  • Partner with platform and application teams to drive adoption of approved images and patterns.
  • Ensure container images are scanned, updated, and versioned in alignment with security standards.
CI/CD Security Tooling & Integration
  • Define and implement automated security testing within CI/CD pipelines, including:
    • Static Application Security Testing (SAST)
    • Dynamic Application Security Testing (DAST)
    • Open‑source and dependency vulnerability scanning
  • Tune tools and rules to balance coverage, accuracy, and developer experience.
  • Ensure security testing is integrated early in the pipeline to enable remediation prior to final build and deployment.
Vulnerability Management & Remediation
  • Partner with engineering and application teams to ensure findings from SAST, DAST, and open‑source scans are incorporated into the Risk Operation function and:
    • Clearly triaged and prioritized
    • Assigned appropriate ownership
    • Remediated within agreed SLAs and timelines
  • Track remediation progress and elevate systemic or repeated issues.
  • Validate remediation and support secure release decisions.
Collaboration & Enablement
  • Act as a trusted security partner to development and other relevant teams.
  • Provide guidance on secure coding practices, vulnerability remediation, and threat patterns.
  • Support application security reviews, threat modeling, and design discussions as needed.
  • Contribute to continuous improvement of…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search