All roles

Open role

[Remote] Application Security Engineer II

Remote · New Zealand Full-time

Note: The job is a remote job and is open to candidates in USA. National Digital Trust Company (In Organization) is a specialized financial institution focused on providing digital asset services. As an Application Security Engineer II, you will be responsible for designing and managing security practices for applications, collaborating with software engineers to ensure security is integrated throughout the software development lifecycle.

Responsibilities

  • Perform automated and manual vulnerability assessments for APIs and web applications
  • Conduct static (SAST), dynamic (DAST), software composition analysis (SCA), and interactive (IAST) testing
  • Review findings for exploitability and provide actionable remediation guidance
  • Perform manual testing to validate vulnerabilities and ensure secure implementations
  • Partner with developers to embed security into the SDLC
  • Participate in and help manage the secure code review approval process
  • Perform product threat modeling and develop threat-focused validation checks
  • Ensure new projects are designed, scoped, and deployed securely
  • Implement, manage, and optimize application security tools across the organization
  • Support the operational management of AppSec programs and workflows
  • Manage cloud security for both internally developed and third-party applications
  • Contribute to internal security documentation, playbooks, and best practices
  • Support Red Team exercises and external penetration testing engagements
  • Assist in triaging and responding to bug bounty submissions
  • Perform validation testing to ensure applications meet internal and industry security standards
  • Investigate security incidents through research and log analysis
  • Contribute to incident response processes, documentation, and continuous improvement
  • Build or enhance internal tooling to automate security testing, compliance checks, and evidence collection
  • Write scripts and utilities to improve efficiency and scalability
  • Evaluate and experiment with new tools to improve application security outcomes
  • Serve as a security subject matter expert for engineering and business teams
  • Promote a strong, approachable security culture across the organization
  • Operate flexibly across multiple responsibilities in a fast-growing environment

Skills

  • 3–5+ years of experience in Information Technology, including security tooling
  • 3–5+ years of experience as an Application Security Engineer
  • 1–3+ years of experience in regulated environments (e.g., financial services, fintech)
  • Strong understanding of web application security principles and architecture
  • Experience with container technologies and container security
  • Proficiency in at least one programming language, with willingness to learn additional languages (e.g., Rust, TypeScript)
  • Experience with CI/CD pipelines and source control tools (Git, GitHub)
  • Experience evaluating Infrastructure-as-Code (IaC) security across cloud environments
  • Familiarity with bug bounty programs (participation or triage)
  • Understanding of OWASP Top 10 and application security best practices across web, DevOps, and emerging AI systems
  • Strong problem-solving, analytical thinking, and ability to adapt quickly
  • Experience implementing security controls within DevOps / DevSecOps environments
  • Knowledge of application security risks and mitigation strategies
  • Familiarity with frameworks and standards such as: NIST 800-53 / CSF 2.0, NIST SSDF (800-218), SOC 2, PCI-DSS, PA-DSS
  • Understanding of Content Security Policy (CSP)
  • Ability to identify and explain vulnerabilities such as: XSS, CSRF, injection attacks, MITM attacks, Brute-force and credential attacks
  • Interest in financial services, digital assets, and custodial security
  • Experience working with AI tools and understanding of security considerations for generative AI
  • Familiarity with AI-assisted development workflows, agent-based systems, or MCP-based tools
  • Willingness to learn and adapt to AI-driven SDLC environments
  • Curiosity and a continuous improvement mindset
  • Ability to balance security rigor with engineering velocity
  • Strong communication skills and ability to influence across teams
  • Passion for building scalable, practical security solutions

Benefits

  • Employer-provided: Medical, Dental, and Vision insurance, 401(k), life and disability insurance.

Company Overview

  • It was founded in undefined, and is headquartered in , with a workforce of 51-200 employees. Its website is https://www.nationaldigital.com.
  • More open positions

    [Remote] Head of Business Development- Eastern US

    Work from home Full-time role

    [Remote] Vice President - Sales

    Work from home Full-time role

    [Remote] Senior Director, Patient Support Program Operations

    Work from home Full-time role

    [Remote] Senior Revenue Accountant

    Work from home Full-time role

    [Remote] Analyst - Legal Operations

    Work from home Full-time role

    Senior Enterprise Account Executive - Telecom

    Work from home Full-time role

    Experienced Data Entry Operator – Remote Work Opportunity with careerzynith

    Work from home Full-time role

    Fusion Expansion Sales Rep - Czech

    Work from home Full-time role

    Capture Director

    Work from home Full-time role

    Enterprise SDR

    Work from home Full-time role

    CLINICAL PRODUCT OWNER (PRIOR AUTHORIZATIONS SME)

    Work from home Full-time role

    Experienced Home-Based Data Entry Specialist – Remote Customer Service and Travel Coordination

    Work from home Full-time role

    Remote Customer Experience Specialist – Aviation Support & Passenger Relations (Work From Home)

    Work from home Full-time role

    Treasury Analyst, Regulatory Operations (FCM)United States/Remote

    Work from home Full-time role

    [Hiring] Health Information Management Technician @Banner Health

    Work from home Full-time role

    Software Engineer

    Work from home Full-time role

    Entry-Level Remote Data Entry Specialist – Precision Data Management & Quality Assurance at careerzynith

    Work from home Full-time role

    Clinical Review Pharmacist (US-based Remote Contractor)

    Work from home Full-time role

    [Remote] REMOTE Financial Analyst (3+ yrs of exp. req. $90-100K)

    Work from home Full-time role

    Quality Assurance Specialist, Patient Engagement

    Work from home Full-time role

    [Remote] Account Executive, Enterprise Content Services

    Work from home Full-time role