Lead Application Security Engineer
Carter's
Serving the needs of all families with young children, Carter’s Inc. is the largest North American apparel retailer exclusively for babies and young children, encompassing Carter’s, OshKosh B’gosh, Skip*Hop and Little Planet brands. Meaningful work, constant learning, genuine people, and a community guided by core values that promote inclusion and innovation is in everything we do. There are many reasons to build your career at Carter's. How You’ll Make An Impact The Lead Security Engineer – Application Security is a senior technical leader within the IT Security team, reporting to the Sr. Director, IT Security. This role serves as the primary architect and subject matter expert for application security across the enterprise, owning the AppSec program strategy, standards, and tooling roadmap. Working autonomously and with broad organizational influence, the Lead exercises expert-level judgment to define how security is built into software from the ground up. A critical distinction of this role is hands‑on experience with artificial intelligence: the Lead is expected to build, secure, and govern AI-powered capabilities as they become embedded in Carter’s applications and infrastructure. The Lead acts as a force multiplier – elevating the security posture of every engineering team they engage with and translating complex risk into clear, actionable direction for both technical and business stakeholders. Key Responsibilities Application security, architecture & standards (25%) Defining and owning the enterprise application security architecture, standards, and secure‑by‑default patterns Establishing and maintaining AppSec tooling strategy, evaluating vendors, and driving adoption across engineering teams Leading threat modeling sessions for critical applications and new product features Serving as the final technical authority on AppSec decisions, including security design reviews and architecture signoffs Secure code review, API security & advanced testing (25%) Conducting and directing advanced secure code reviews, SAST/DAST assessments, and manual penetration testing across web, mobile, and API surfaces Owning API security standards including REST and GraphQL, enforcing OWASP API Top 10 controls and authentication/authorization design patterns Driving vulnerability triage, risk prioritization, and remediation accountability across development teams at scale DevSecOps engineering & platform ownership (20%) Owning the DevSecOps toolchain: designing, deploying, and maturing security gates within CI/CD pipelines enterprise-wide Acting as the primary security partner to engineering leadership, embedding security into system design, SDLC processes, and platform decisions Driving continuous improvement of AppSec metrics, dashboards, and KPIs to demonstrate program maturity and risk reduction AI security – build, secure & govern (20%) Hands‑on building and deploying AI‑powered security tooling and automation (e.g., AI‑assisted code review, threat detection, or vulnerability triage) Securing AI/ML integrations and connectors: assessing prompt injection, data leakage, model supply chain, and third‑party AI service risks Developing and enforcing AI governance policies: defining acceptable use, security review gates, and risk acceptance criteria for AI adoption Risk governance, compliance & cross‑functional leadership (10%) Representing the IT Security team in architecture reviews, cross‑functional planning, and executive risk reporting Owning security policy and standards documentation relevant to application security, AI use, and API governance Leading AppSec representation in PCI‑DSS, NIST, and OWASP compliance audits and evidence collection Travel Requirements Open to travel between various Carter’s offices as needed. Must Have 5+ years of application security, software engineering, or secure code review experience Strong proficiency in one or more languages (e.g., Python, Java, JavaScript, Go) with ability to perform in-depth code review and threat modeling Experience with SAST/DAST tooling (e.g., Snyk, SonarQube, Semgrep, Checkmarx, Burp Suite, OWASP ZAP) and ownership of AppSec program design Proven communication and presentation skill set abilities with multilevel stakeholders Ability to meet deadlines and work with management across various disciplines Proven collaborative experience with cross functional teams Ability to perform on‑call duties during off‑hours and holidays An adaptable and flexible attitude towards changing business needs Preferred Skills And Experience Bachelor’s degree in computer science or related field Demonstrated experience leading or conducting red team, penetration testing, or adversarial simulation exercises Experience designing and scaling security observability pipelines, including log analysis and application‑layer telemetry Working knowledge of PCI‑DSS, NIST, OWASP, and other regulatory frameworks; experience representing security in audit and compliance reviews Proven experience securing cloud‑native or hybrid‑cloud application environments (AWS, Azure, or GCP) Hands‑on experience building, deploying, or integrating AI/ML‑powered tools, combined with the ability to assess and govern their security posture (prompt injection, data leakage, model supply chain risks) Proven ability to define and enforce security standards across engineering organizations; prior experience owning a security capability or domain Security+, ISC2 CC, CompTIA A+, CompTIA Network+, SSCP, CCT, GWEB, CSSLP, CEH, or OSCP certifications Carters is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, genetics, disability, age, veteran status, or any other status protected by federal, state, or local law. #J-18808-Ljbffr
$150.2k - $225.4k
...About the team: The Information Security organization advances the overall state of... ...About the role: Rubrik is seeking an Application Security Engineer. In this role, you will be responsible... ...Security and AI Operations Company, leads at the intersection of data protection...SuggestedWork experience placementLocal areaRemote workShift work- Black Duck is looking for an experienced Technologist to join their Implementation and Services Team, focusing on application security products. This role requires strong software development skills, client consultation experience, and the ability to deploy SaaS and on...SuggestedRemote job
$220k - $270k
Application Security Engineer - Staff 2 Primary Locations: Hybrid - 3 days in office in either Atlanta, GA or Mountain View, CA. Remote candidates... ...patterns, and guardrails adopted by engineering teams at scale. Lead threat modeling across distributed, cloud‑native, and...SuggestedTemporary workWork at officeRemote workVisa sponsorshipShift work3 days per week- ...in Atlanta, GA, is seeking a Staff Product Security Engineer to secure digital products and AI tools. This individual will lead security reviews, conduct penetration testing... ...experience in security, particularly with application, cloud, and AI systems. This role offers...SuggestedRemote job
- ...and support capacity planning to optimize performance Conduct security checks, recovery drills, and compliance audits, implement... ...work with cross‑functional teams Required Skill And Experience Application Security Testing: Conduct SAST/SCA using GHAS and DAST using Burp...SuggestedTemporary workRelocationShift work
- Infosys, located in Atlanta, Georgia, is seeking an Infrastructure Consultant 2 who will play a vital role in resolving complex incidents, conducting IT infrastructure assessments, and designing scalable solutions. The position emphasizes collaboration with client teams...
$220k - $270k
Omnissa is seeking a Staff 2 Application Security Engineer in Atlanta, GA. This senior role will set the direction for securing software across Omnissa... ...12 years of application security experience, a knack for leading security architecture, and proficiency in programming....Work at office- A leading IT consulting firm is seeking an IT Applications Security Engineer/Analyst for an 11-month contract in Atlanta, GA. This position focuses on identifying and mitigating security risks in client applications while ensuring secure software development practices....Contract workLocal areaImmediate start
- IT Applications Security Engineer/Analyst Contract 360 IT Professionals is a California base Minority Business Enterprise specializing in the field... .... Since our Inception we have been providing industry leading IT solutions for Staffing and Software Development. We...Contract workLocal areaImmediate start
- A tech company is seeking a Windows Application Security Developer to lead the remediation of security vulnerabilities in legacy Windows applications. The role requires expertise in VB6, .NET (C# and/or VB.NET), and secure coding practices. Candidates should have extensive...
- ...package designed to provide the security they need to enjoy life at... ...this position is to provide engineering support for all aspects of... ...design pressures for product application. Develops product... ...conditions and requirements. Leads the production of or produces...Contract workLocal areaImmediate startWork from home
$105k - $130k
...R10091019 Applications Engineer (Open) Location: Twinsburg, OH (AES) - Management - ALTECAtlanta... ...support growing families. Future Security: 401(k) Retirement Plan with company... ...Work with local sales teams to find leads through business development...Full timeTemporary workFor contractorsLocal areaRemote workRelocationNight shiftWeekend work- ...Application Engineer Tech Savy Collaborates Optimizes Work Processes If you are an Application Engineering professional looking for an opportunity to grow, Emerson has an exciting opportunity for you! Based in our Reno NV manufacturing facility reporting to the Engineer...Flexible hours
- ...qualities to work on solutions that matter. If you're ready to grow and make an impact, we'd love to be on your team. As an Application Engineer with AWC you will be individually supporting our sales team by working with customers to understand their applications and...Work at office
- ...administration, or similar operational role. ~ Hands-on experience with application deployments and building CI/CD pipelines. ~ Experience with... ...logs ~ Work closely with infrastructure, application, and security teams to support integrated system requirements ~...Contract workNight shift
- ...Application Engineer We are seeking a System/Application Engineer to work closely with Data, ETL, and product teams to design, build, and support application environments for both third-party and custom products. This role requires a strong understanding of application...
- ...Job Summary As an Applications Engineer within our Intralogistics Solutions Group, you will promote Carolina Handling both internally and externally, working closely with Sales and Operations. You will support the sale of racking and other non-automation material handling...Work at officeHome officeFlexible hoursShift workNight shift
- ...Job Title: Entry-Level Robotics Aftersales Engineer Location: Detroit, MI Employment Type: Full-time (on-site) About the job We are... ...product series that support a wide range of material handling applications. With over 750 projects delivered in more than 30 countries, VisionNav...Full timeWork experience placementWork at officeOverseas
- ...teams on software projects, design complex software programs and applications, and incorporate client feedback into software product... .../ Description of Operation Documents REQUIRED QUALIFICATIONS Engineering degree, preferably in Electrical, Mechanical (Mechatronics Option...Work at office
$75k - $100k
...manufacturers, precision sheet metal producers, OEMs, and industrial manufacturers across North America. They are seeking a Field Applications Engineer to install, commission, optimize, and support fiber laser cutting systems at customer facilities. This highly visible,...Contract workRemote work- ...develop sophisticated Robotics and Vision applications quickly and easily ( Common uses... ...dispensing. Eureka's customers include industry-leading companies such as Toyota, Honda, Denso,... .... About this role As Application Engineer, your mission is to support the...Work experience placementWork at officeWorldwideWork visa
- ...About the job Application Solution Engineer, Servo Motor & Motion Control | Mandarin Preferred Job brief We are currently partnering with a leading industrial automation enterprise to recruit a full-time, US-based Application Solution Engineer focused on...Full timeContract workWork experience placement
- ...Global-e (Nasdaq: GLBE) is the world’s leading platform to enable and accelerate global, direct-to-consumer cross-border e-... ...hundreds of retailers and brands worldwide. We're looking for an Application Support Engineer to join our Technical Operations team to make sure all our...Full timeWorldwide
$47.85 - $57.85 per hour
...local fixed-duration project-based work powered by Accenture, a leading global professional services company. Accenture is... ...design, building, testing, and implementation of Epic integration application systems. Works with clinicians to create or adapt written protocols...Hourly payWork experience placementLive inWork at officeLocal areaFlexible hours- ...We are seeking a skilled Application Support Engineer with expertise in Linux, command-line scripting, integration, and relational databases to support critical software applications. The successful candidate will focus on troubleshooting, automation, and process enhancement...
- We are seeking a Low Voltage Motor Application Engineer with strong experience in industrial electric motor applications to support customer-... ...in motor application engineering or technical sales from a leading motor manufacturer or distributor and is comfortable operating...WorldwideHome office
- Carolina Handling is seeking an Applications Engineer to support the sales and technical activities for material handling solutions. This role involves promoting solutions, assisting sales representatives, coordinating across departments, and managing customer proposals...Work at office
- WorldWide Electric Corporation is looking for a Low Voltage Motor Application Engineer in Atlanta, Georgia. This position demands a strong background in industrial electric motor applications, focusing on customer-facing technical solutions and product development. Responsibilities...Remote jobWork at officeWork from homeWorldwideHome office
- ...to keep up with their changing needs. This all starts with our greatest asset…our employees. What You Will Be Doing: The application engineer applies sound engineering practices makes recommendations as to the appropriate application/installation of the engine product...Temporary workWork at officeLocal areaFlexible hoursNight shift
- The RMS Applications Engineer (RMS AE) is responsible for providing in-depth, technical, application support to the North America (NA) Radiation... ...(RMS) sales and operations teams. The RMS AE will take lead on developing detailed technical proposals for the RMS product...Contract work
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Lead Application Security Engineer. Be the first to apply!
- lead algorithm engineer Atlanta, GA
- lead product engineer Atlanta, GA
- lead structural engineer Atlanta, GA
- lead operating engineer Atlanta, GA
- lead industrial engineer Atlanta, GA
- lead automation engineer Atlanta, GA
- lead engineer Atlanta, GA
- lead infrastructure engineer Atlanta, GA
- lead network engineer Atlanta, GA
- lead system engineer Atlanta, GA

