Application Security Engineer

Application Security Engineers identify risks and drive improvements in applications.

Role overview

The Application Security Engineer develops and tests security components that make an application more secure. They proactively test their security posture from an attacker's perspective, help shape engineering best practices, improve and drive application security monitoring, and work with the security team to educate engineers on emerging threats.

Application Security Engineers

may also be referred to as:

Application And API Security Architect

Application Security Architect

Application Security Engineer

Appsec Engineer

Ethical Hacker Application Security

Information Security Applications Code Assessor

Security Application Engineer

Web Application Engineer

Career Path

Map your career path by understanding role relationships

Average Salary

Based upon experience, salary for this role ranges from:

$177,500

National Average

$201,250

$225,000

* based upon those with two plus years of cybersecurity experience

Responsibilities

• Defining and embedding technical security policies, principles, and standards within the application.

• Driving and supporting application security reviews and threat modeling, including code review and dynamic testing.

• Managing and performing application security vulnerability management.

• Facilitating and supporting the preparation of security releases.

• Supporting and consulting with product and development teams in the area of application security.

• Creating and leading security training for their team.

• Assisting in the development of automated security testing to ensure the organization is following best practices.

Tools & Environment

Application Security Engineers need to use tools like Java, Scala, Typescript, Python, and Javascript, coding and scripting, and security assurance tools. They also need experience securing public-facing endpoints and remediating vulnerabilities found in code.

Certifications

Category	Organization	Certification
Defense	(ISC)2	CISSP-ISSEP
Defense	(ISC)2	SSCP
Defense	(ISC)2	CCSP
Defense	(ISC)2	CAP
Defense	Alibaba	ACA
Defense	Alibaba	ACP
Defense	Alibaba	ACE
Defense	AWS	Certified Security
Defense	CertNexus	ITS
Defense	Check Point	CCSA
Defense	Check Point	CCSE
Defense	Cisco	CCNA Security
Defense	Cisco	CCNP Security
Defense	Cisco	CCIE Security
Defense	Cisco	CCNA CyberOps
Defense	Cloud Credential Council	PCSM
Defense	CompTIA	Security+
Defense	CompTIA	CySA+
Defense	CompTIA	CASP
Defense	CREST	CCWS
Defense	CREST	CPTIA
Defense	CREST	CRTIA
Defense	CREST	CCTIM
Defense	CREST	CPIA
Defense	CREST	CRIA
Defense	CREST	CCNIA
Defense	CREST	CCHIA
Defense	CREST	CCMRE
Defense	CSA	CCSK
Defense	EC-Council	CND
Defense	EC-Council	EDRP
Defense	EC-Council	CTIA
Defense	EC-Council	CSA
Defense	EC-Council	ECSS
Defense	EITCI	EITCA/IS
Defense	eLearnSecurity	eNDP
Defense	eLearnSecurity	eCRE
Defense	eLearnSecurity	eCTHP
Defense	EXIN	CIT-F
Defense	Fortinet	NSE 4
Defense	Fortinet	NSE 5
Defense	Fortinet	NSE 6
Defense	Fortinet	NSE 7
Defense	Fortinet	NSE 8
Defense	GAQM	CISP
Defense	GIAC	GSEC
Defense	GIAC	GCIA
Defense	GIAC	GISF
Defense	GIAC	GCED
Defense	GIAC	GCWN
Defense	GIAC	GPPA
Defense	GIAC	GMON
Defense	GIAC	GCCC
Defense	GIAC	GCUX
Defense	GIAC	GDAT
Defense	GIAC	GMOB
Defense	GIAC	GAWN
Defense	GIAC	GREM
Defense	GIAC	GCTI
Defense	GIAC	GISP
Defense	GIAC	GWEB
Defense	GIAC	GICSP
Defense	GIAC	GRID
Defense	GIAC	GCIP
Defense	GIAC	GEVA
Defense	GIAC	GOSI
Defense	GIAC	GCSA
Defense	Google	PCSE
Defense	HISPI	HISP
Defense	IACRB	CDRP
Defense	IACRB	CEREA
Defense	IACRB	CREA
Defense	IACRB	CSSA
Defense	IBITGQ	C CR P
Defense	IBITGQ	CITGP
Defense	IBITGQ	C CS F
Defense	ISACA	CSX-F
Defense	ISACA	CSX-T
Defense	ISACA	CSX-P
Defense	ISECOM	OPSA
Defense	ISECOM	OPSE
Defense	Juniper	JNCIA-SEC
Defense	Juniper	JNCIS-SEC
Defense	Juniper	JNCIP-SEC
Defense	Juniper	JNCIE-SEC
Defense	Juniper	JNCDS-SEC
Defense	Lunarline	CECS
Defense	Lunarline	CESA
Defense	McAfee Institute	CCII
Defense	McAfee Institute	CCIP
Defense	McAfee Institute	CSMIE
Defense	McAfee Institute	SMIA
Defense	McAfee Institute	CCTA
Defense	McAfee Institute	C\|OSINT
Defense	Microsoft	AZ-500
Defense	Mile2	C)SA2
Defense	Mile2	C)SP
Defense	Mile2	IS20
Defense	Mile2	C)VA
Defense	Mile2	C)DRE
Defense	Mile2	C)VCP
Defense	Mile2	C)VE
Defense	Mile2	C)CSO
Defense	Mile2	C)VSE
Defense	Mile2	C)ISS
Defense	Palo Alto	PCCSA
Defense	Palo Alto	PCNSA
Defense	Palo Alto	PCNSE
Defense	Redhat	EX415
Defense	Redhat	EX425
Defense	SECO-Institute	S-ISF
Defense	SECO-Institute	S-ISP
Defense	SECO-Institute	S-ITSF
Defense	SECO-Institute	S-ITSP
Defense	SECO-Institute	S-ITSE
Defense	SECO-Institute	S-DWF
Defense	Symantec	250-215
Defense	Symantec	250-420
Defense	Symantec	250-426
Defense	Symantec	250-428
Defense	Symantec	250-430
Defense	Symantec	250-433
Defense	Symantec	250-438
Defense	Symantec	250-440
Defense	Symantec	250-441
Defense	Symantec	251/250-443
Defense	Symantec	250-444
Defense	Symantec	250-445
Defense	Symantec	251/250-446
Defense	Symantec	251/250-447
Defense	Symantec	251/250-551
Defense	Symantec	250-556
	Organization