Jr. Application Security Specialist

Overview

Job Title: Jr. Application Security Specialist

Position Type: Contract

Location: Princeton, NJ (Onsite from Day 1, Hybrid Model – 2 Days Onsite)

Job Description:

We are seeking a motivated Jr. Application Security Specialist to support application security and Dev Sec Ops  initiatives. In this role, you will help teams integrate security best practices into day-to-day development and deployment workflows. You will work closely with Dev Ops and engineering teams to assist with security automation, vulnerability validation, and secure CI/CD practices while building strong foundational expertise in modern application security tools and standards.

This is an execution-focused role ideal for a security professional who is hands-on, curious, and eager to grow in a fast-paced environment.

• Support the adoption of application security and Dev Sec Ops  automation across development teams.
• Assist with educating engineering teams on core security standards and concepts (e.g., OWASP Top 10, OWASP ASVS).
• Participate in threat modeling sessions and design/security reviews for new code deployments under the guidance of senior security resources.
• Help run and interpret results from security scanning tools, including:
• SAST (Static Application Security Testing)
• SCA (Software Composition Analysis)
• Secrets Scanning
• DAST (Dynamic Application Security Testing)
• Infrastructure-as-Code (IaC) scanning
• Support engineering teams by documenting findings and providing clear, actionable remediation guidance aligned with security best practices.
• Assist with building, maintaining, and improving secure CI/CD workflows and Dev Sec Ops  processes.
• Stay up to date on evolving application security trends, tools, and techniques and share insights with the broader team.
• Contribute to internal documentation and support presentations or knowledge-sharing sessions related to security tools and industry trends.

• Solid understanding of application security and secure development concepts.
• Experience with standards such as OWASP Top 10 (OWASP ASVS is a plus).
• Exposure to application security scanning tools (hands-on experience preferred), including SAST, SCA, DAST, secrets scanning, and/or IaC scanning.
• Understanding of Dev Ops concepts and tools such as Git Hub/Git Lab and Docker.
• Understanding of cloud deployment environments such as AWS and/or Azure.

• Experience using Python scripting to automate simple workflows or security checks.
• Knowledge of Infrastructure as Code (Terraform) and common cloud deployment patterns.
• Knowledge of cybersecurity and privacy regulations and their impact on IT and software delivery.
• Familiarity with OWASP ASVS.

• Strong communication skills and the ability to collaborate across technical teams.
• Strong attention to detail and willingness to learn through hands-on work.
• Organized, proactive, and comfortable working in a team-based environment.
• Ability to explain security findings clearly to developers and non-security stakeholders.