Applications Security (AppSec) Engineer
tlas is seeking an pplication Security (AppSec) Engineer/Specialist to support pplication security and DevSecOps initiatives by helping teams integrate security best practices into day-to-day development and deployment workflows. This role will work closely with DevOps and engineering teams to assist with security automation, vulnerability validation, and secure CI/CD practices while building strong expertise in modern application security tools and standards. This is an execution-focused role ideal for a security professional who is hands-on, curious, and eager to grow in a fast-paced environment.
Key Responsibilities
- Support the adoption of pplication security and DevSecOps automation across development teams.
- ssist with educating engineering teams on core security standards and concepts (e.g., OWASP Top 10, OWASP ASVS).
- Participate in threat modeling sessions and design/security reviews for new code deployments under guidance of senior security resources.
- Help run and interpret results from security scanning tools, including:
- SAST
- SCA
- Secrets Scanning
- DAST
- Infrastructure-as-Code (IaC) scanning
- Triage and validate security findings by reviewing code and identifying true/false positives (primarily Python/JavaScript).
- Support engineering teams by documenting findings and providing clear, actionable remediation guidance aligned to security best practices.
- ssist with building, maintaining, and improving secure CI/CD workflows and DevSecOps processes.
- Stay up to date on evolving application security trends, tools, and techniques and share insights with the broader team.
- Contribute to internal documentation and support presentations or knowledge-sharing sessions related to security tools and industry trends.
Required Skills & Experience
- Deep knowledge of application security and secure development concepts.
- Experience with standards and frameworks such as:
- OWASP Top 10
- OWASP ASVS (nice to have)
- Experience with application security scanning tools:
- SAST, SCA, DAST, secrets scanning, and/or IaC scanning
- Excellent coding knowledge and ability to review and validate findings in:
- Python
- JavaScript
- DevOps and CI/CD knowledge and tools such as:
- GitHub or GitLab
- Docker
- Terraform (nice to have)
- Experience in cloud deployment environments such as:
- WS and/or Azure
- Experience using Python scripting to automate simple workflows or security checks.
- Infrastructure as Code (Terraform) and common cloud deployment patterns.
- Cybersecurity and privacy regulations and their impact on IT and software delivery.
Professional Skills
- Deep technical expertise
- Strong communication skills and the ability to collaborate across technical teams.
- Strong attention to detail and willingness to learn through hands-on work.
- Organized, proactive, and comfortable working in a team-based environment.
- bility to explain security findings clearly to developers and non-security stakeholders.
Join Our Team at Atlas tlas is a global strategic consulting firm, focused on the Life Sciences industry. Our services include Management Consulting, Managed Services and Agile Services. Global pharmaceutical companies and emerging players in life sciences depend on Atlas consultants to ensure they have the capabilities that will give them the ability to succeed. We are seeking Atlas IMPACT Makers who are ready to lead and innovate in dynamic environments. IMPACT Makers embody the principles of Atlas, driving transformative change and delivering outstanding results. We are an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, genetics, disability, age, or veteran status. We value diversity and inclusion in our workplace and are committed to creating an environment where everyone has an equal opportunity to succeed Apply tot his job Apply To this Job