MENU
  • Remote Jobs
  • Companies
  • Go Premium
  • Job Alerts
  • Post a Job
  • Log in
  • Sign up
Working Nomads logo Working Nomads
  • Remote Jobs
  • Companies
  • Post Jobs
  • Go Premium
  • Get Free Job Alerts
  • Log in

Staff Application Security Engineer

EDB

Full-time
USA
security
engineer
infosec
javascript
python
The job listing has expired. Unfortunately, the hiring company is no longer accepting new applications.

To see similar active jobs please follow this link: Remote Development jobs

Job Description:

As an Staff Application Security Engineer at EDB you will report directly to the Director of Information Risk Management as a trusted member of the CISO staff. Your role leads the transformation of the security and development processes within EDB, helping the organization identify, repair and protect against vulnerabilities throughout a secure software development lifecycle (SDLC). You are responsible for understanding multiple security frameworks, translating objectives, partnering with stakeholders and promoting best practices across all EDB products. The ideal candidate must be comfortable working in a global environment that supports flexible work schedules, and a distributed security model. Whether you are looking to expand autonomy in your role, build a new security foundation, or just needing a change of pace this role is for you! What your impact will be:

  • Support the development and implementation of EDB’s application security services to be consumed by product teams and within our global infrastructure. 

  • Serve as an expert on application security frameworks and objectives by assisting owners as they define new control activities and seek maturity in their development processes

  • Build tools, processes and solutions that improve the security of EDB’s products and data

  • Collaborate with internal engineering stakeholders on addressing systemic security issues

  • Grow and mature relationships with internal security SMEsin a way that bridges the gap between product teams and information security 

  • Support Vulnerability Disclosure Program, triage, assess and analyze vulnerability reports submitted through the VDP, prioritizing them based on severity, risk, and exploitability.

  • Coordinate vulnerability remediation, Work with internal development teams to reproduce, validate, and prioritize vulnerabilities. Facilitate timely patch development and deployment, ensuring efficient resolution.

  • Produce application security metrics that demonstrate a continually improving application security posture

  • Partner with InfoSec Program Management on the roadmap and execution of security initiatives.

  • Support and manage EDB’s Vulnerability Disclosure program 

  • Proficiency with threat modeling frameworks such as STRIDE, DREAD, PASTA, or OCTAVE.

  • Experience with threat modeling tools, especially the process of selecting and implementing a new tool to partner with a new threat modeling process.

  • Experience with Open Source Software (OSS) including familiarity with various open source licenses like MIT, GPL, Apache etc. 

  • Experience with implementation of security best practices related to securing the software supply chain, including patch management, vulnerability scanning, package management and tooling.

What you will bring:

  • Extensive experience working with developers and driving application security standards

  • Experience securing CI/CD pipelines enabling strong security controls through the implementation of commercial and custom built tooling

  • Conduct application design reviews and support the development of compensating security solutions

  • Drive the integration of secure development standards, tools, and processes into the development lifecycle

  • Experience in threat modeling frameworks and processes

  • Experience performing code audits on internal and open source libraries 

  • Experience with DAST, SAST, SCA as well as manual testing techniques

  • Ability to demonstrate strategic thinking beyond the specific responsibilities of the role

  • Effective communication skills with the ability to translate technical concerns into business risk impacts

  • Personal management of multiple projects, security events and incidents as required for the role

  • Seek to understand, lead with a collaboration first approach

  • Experience assessing technical footprints found within on-prem and cloud environments

  • Strong experience in NIST 800-218 SSDF, BSIMM, Owasp SAMM,  or similar frameworks

What will give you an edge:

  • RedTeam knowledge and experience

  • Experience performing security code reviews

  • Experience with IaaS cloud infrastructure, Infrastructure as code,  kubernetes container technologies, and software-oriented architecture

  • Knowledge of the MITRE ATT&CK Framework and attack chains

  • Experience building and operating security tools in Multiple Operating Systems and various languages (C, Go, JavaScript, Python, Ruby, etc)

 

About the job

Full-time
USA
3 Applicants
Posted 8 months ago
security
engineer
infosec
javascript
python
Enhancv advertisement

30,000+
REMOTE JOBS

Unlock access to our database and
kickstart your remote career
Join Premium

Staff Application Security Engineer

EDB
The job listing has expired. Unfortunately, the hiring company is no longer accepting new applications.

To see similar active jobs please follow this link: Remote Development jobs

Job Description:

As an Staff Application Security Engineer at EDB you will report directly to the Director of Information Risk Management as a trusted member of the CISO staff. Your role leads the transformation of the security and development processes within EDB, helping the organization identify, repair and protect against vulnerabilities throughout a secure software development lifecycle (SDLC). You are responsible for understanding multiple security frameworks, translating objectives, partnering with stakeholders and promoting best practices across all EDB products. The ideal candidate must be comfortable working in a global environment that supports flexible work schedules, and a distributed security model. Whether you are looking to expand autonomy in your role, build a new security foundation, or just needing a change of pace this role is for you! What your impact will be:

  • Support the development and implementation of EDB’s application security services to be consumed by product teams and within our global infrastructure. 

  • Serve as an expert on application security frameworks and objectives by assisting owners as they define new control activities and seek maturity in their development processes

  • Build tools, processes and solutions that improve the security of EDB’s products and data

  • Collaborate with internal engineering stakeholders on addressing systemic security issues

  • Grow and mature relationships with internal security SMEsin a way that bridges the gap between product teams and information security 

  • Support Vulnerability Disclosure Program, triage, assess and analyze vulnerability reports submitted through the VDP, prioritizing them based on severity, risk, and exploitability.

  • Coordinate vulnerability remediation, Work with internal development teams to reproduce, validate, and prioritize vulnerabilities. Facilitate timely patch development and deployment, ensuring efficient resolution.

  • Produce application security metrics that demonstrate a continually improving application security posture

  • Partner with InfoSec Program Management on the roadmap and execution of security initiatives.

  • Support and manage EDB’s Vulnerability Disclosure program 

  • Proficiency with threat modeling frameworks such as STRIDE, DREAD, PASTA, or OCTAVE.

  • Experience with threat modeling tools, especially the process of selecting and implementing a new tool to partner with a new threat modeling process.

  • Experience with Open Source Software (OSS) including familiarity with various open source licenses like MIT, GPL, Apache etc. 

  • Experience with implementation of security best practices related to securing the software supply chain, including patch management, vulnerability scanning, package management and tooling.

What you will bring:

  • Extensive experience working with developers and driving application security standards

  • Experience securing CI/CD pipelines enabling strong security controls through the implementation of commercial and custom built tooling

  • Conduct application design reviews and support the development of compensating security solutions

  • Drive the integration of secure development standards, tools, and processes into the development lifecycle

  • Experience in threat modeling frameworks and processes

  • Experience performing code audits on internal and open source libraries 

  • Experience with DAST, SAST, SCA as well as manual testing techniques

  • Ability to demonstrate strategic thinking beyond the specific responsibilities of the role

  • Effective communication skills with the ability to translate technical concerns into business risk impacts

  • Personal management of multiple projects, security events and incidents as required for the role

  • Seek to understand, lead with a collaboration first approach

  • Experience assessing technical footprints found within on-prem and cloud environments

  • Strong experience in NIST 800-218 SSDF, BSIMM, Owasp SAMM,  or similar frameworks

What will give you an edge:

  • RedTeam knowledge and experience

  • Experience performing security code reviews

  • Experience with IaaS cloud infrastructure, Infrastructure as code,  kubernetes container technologies, and software-oriented architecture

  • Knowledge of the MITRE ATT&CK Framework and attack chains

  • Experience building and operating security tools in Multiple Operating Systems and various languages (C, Go, JavaScript, Python, Ruby, etc)

 

Working Nomads

Post Jobs
Premium Subscription
Sponsorship
Free Job Alerts

Job Skills
API
FAQ
Privacy policy
Terms and conditions
Contact us
About us

Jobs by Category

Remote Administration jobs
Remote Consulting jobs
Remote Customer Success jobs
Remote Development jobs
Remote Design jobs
Remote Education jobs
Remote Finance jobs
Remote Legal jobs
Remote Healthcare jobs
Remote Human Resources jobs
Remote Management jobs
Remote Marketing jobs
Remote Sales jobs
Remote System Administration jobs
Remote Writing jobs

Jobs by Position Type

Remote Full-time jobs
Remote Part-time jobs
Remote Contract jobs

Jobs by Region

Remote jobs Anywhere
Remote jobs North America
Remote jobs Latin America
Remote jobs Europe
Remote jobs Middle East
Remote jobs Africa
Remote jobs APAC

Jobs by Skill

Remote Accounting jobs
Remote Assistant jobs
Remote Copywriting jobs
Remote Cyber Security jobs
Remote Data Analyst jobs
Remote Data Entry jobs
Remote English jobs
Remote Spanish jobs
Remote Project Management jobs
Remote QA jobs
Remote SEO jobs

Jobs by Country

Remote jobs Australia
Remote jobs Argentina
Remote jobs Brazil
Remote jobs Canada
Remote jobs Colombia
Remote jobs France
Remote jobs Germany
Remote jobs Ireland
Remote jobs India
Remote jobs Japan
Remote jobs Mexico
Remote jobs Netherlands
Remote jobs New Zealand
Remote jobs Philippines
Remote jobs Poland
Remote jobs Portugal
Remote jobs Singapore
Remote jobs Spain
Remote jobs UK
Remote jobs USA


Working Nomads curates remote digital jobs from around the web.

© 2025 Working Nomads.