Application Security Engineer
Purpose Brands LLC
Purpose Brands, the parent company of Orangetheory, Anytime Fitness, Waxing the City, and The Bar Method, is seeking a Application Security Engineer to join its team. This is a great position for someone who is looking to expand their career, and join a company with a fun, fast-paced and inspirational culture.
The Application Security Engineer will report to the Staff Security Engineer and will be responsible for advancing application security capabilities as part of a DevSecOps operating model. This role focuses on embedding security controls, automation, and secure development practices directly into the software delivery lifecycle for cloud-based applications.
- Embed application security practices into all phases of the software development lifecycle (SDLC) , from design through deployment and maintenance
- Perform application security assessments including static code analysis (SAST), dynamic testing (DAST), and software composition analysis (SCA)
- Develop and maintain threat models for critical systems and applications, collaborating with engineering teams to identify threats, assess risk, and drive remediation efforts
- Promote secure coding practices and contribute to secure development standards aligned with OWASP and industry best practices
- Partner with engineering and DevOps teams to integrate security tooling into CI/CD pipelines , enabling automated and repeatable security testing
- Analyze and manage vulnerability findings from tools such as GitHub Dependabot , application scanners, and cloud-native security services
- Help tune security tooling to reduce false positives and improve signal quality for development teams
- Support the adoption of security automation to improve consistency, efficiency, and scalability across application environments
- Assist in securing applications deployed across AWS and Azure , including workloads running on IaaS, PaaS, and container-based platforms
- Identify risks to the confidentiality, integrity, and availability of application data hosted in cloud-based environments
- Collaborate with cloud and platform security engineers to ensure application security controls align with broader cloud security architecture
- Triage, prioritize, and track remediation of application vulnerabilities based on risk and business impact
- Assist in security investigations involving application vulnerabilities or security events
- Participate in periodic reviews of application security controls to validate effectiveness and compliance with organizational standards
- Act as a security partner to engineering teams by providing guidance, education, and actionable recommendations
- Contribute to the continuous improvement of application security processes, standards, and metrics
- Support governance, risk management, and compliance initiatives as they relate to application security
- Bachelor's degree in Computer Science, Information Systems, Engineering, or a related field
- 3-5 years of experience in application security, security engineering, or software engineering with a strong security focus
- Hands-on experience performing code reviews and application security testing across modern languages, frameworks, and APIs
- Experience working with application security tools such as SAST, DAST, and dependency scanning (e.g., GitHub Dependabot or similar)
- Strong understanding of OWASP Top 10 , secure coding principles, authentication/authorization, and API security
- Practical experience supporting applications running in AWS and/or Azure cloud environments
- Familiarity with CI/CD pipelines, DevOps workflows, and DevSecOps concepts
- Ability to communicate security risks and remediation guidance clearly to developers and non-security stakeholders
- Strong analytical skills with the ability to balance security risk with delivery velocity
Security+, CSSLP, GWAPT, GWEB, CEH, or other application security-focused certifications What's in it for you? We offer a competitive salary along with exceptional benefits such as:
- Medical, Dental and Vision Coverage
- Hybrid Work Environment
- Life and Disability Insurance
- Unlimited Time off + Paid Holidays
- Flexible Friday's between Memorial Day and Labor Day
- 401(K) Savings Plan Matching at 4%
- 10 Coaching and Therapy sessions
- Mental Health Benefits
- Brand Discounts & Reimbursements
- In-house workout facilities
- Professional Development Opportunities
- Team Building, Employee Engagement Activities & so much more
Purpose Brands LLC, currently observe the following hybrid work model for employees at our Boca Raton (FL), Woodbury (MN), and Seattle (WA) offices:
- Remote optional: Fridays
- On-site days: Mondays, Tuesdays, Wednesdays and Thursdays
Purpose Brands is committed to encouraging, facilitating, and upholding an environment centered on diversity, equity, and inclusion across every facet of the Purpose Brands. We will work to create a sustainable culture that supports a healthy space for learning and growing, valuing, and empowering every employee, inspiring a diverse franchise network, and uplifting the members and communities we serve. EEO STATEMENT
Purpose Brands provides equal employment opportunity to all individuals regardless of their race, color, creed, religion, gender, age, sexual orientation, national origin, disability, veteran status, or any other characteristic protected by state, federal, or local law. Discrimination of any type will not be tolerated.
Vacancy posted more than 2 months ago
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Application Security Engineer. Be the first to apply!
Related searches
- senior application support engineer Boca Raton, FL
- software applications developer Boca Raton, FL
- app developer Boca Raton, FL
- senior cloud security engineer Boca Raton, FL
- sr information security engineer Boca Raton, FL
- aws cloud security engineer Boca Raton, FL
- application team lead Boca Raton, FL
- app Boca Raton, FL
- oracle apps technical consultant Boca Raton, FL
- senior application administrator Boca Raton, FL