Application Security Engineer

Confirmed live in the last 24 hours

EdgeConneX

Herndon, VA

Hybrid

Posted April 8, 2026

Job Description

Led by an experienced management team and supported by a strong investor group, including large and experienced institutions and strategic partners, EdgeConneX offers a dynamic, fast-paced work environment where we are bringing flexibility, proximity, power, and connectivity to some of the world’s key businesses. With major offices in Herndon, Denver, and Amsterdam, we have a global footprint and a unified team of employees committed to providing a premier customer experience and delivering the full spectrum of data center solutions, from core to edge, like no other data center provider can do.

Focused on driving innovation and helping our customers define and deliver their own unique vision for the Edge, at any scale, in any market worldwide, for any requirement, we are building tomorrow’s data center infrastructure, today for some of the world’s most demanding Network, Content, and Cloud customers.

Application Security Engineer

EdgeConneX is seeking a skilled and experienced Application Security Engineer to join our team. The ideal candidate will have at least five years of hands-on experience in application security, a bachelor’s degree or higher in Computer Science or a related field, strong knowledge of secure coding practices and relevant professional certifications. You will be responsible for ensuring the security of our software applications throughout the development life cycle, working closely with developers, architects, and IT teams to identify, remediate, and prevent security vulnerabilities. This position reports to our Global Head of Cybersecurity and is based in Herndon, VA and provides flexibility for a hybrid onsite work schedule. There is a limited amount of travel needed for this position, but the flexibility to do so would be ideal.

Primary Responsibilities

Conduct security assessments, code reviews, and penetration testing of web and mobile applications.
Integrate security into all phases of the SDLC, from design through deployment.
Perform application threat modeling, secure design reviews, and code reviews.
Implement and manage application security testing tools (SAST, DAST, SCA, IAST).
Collaborate with software development teams to integrate security best practices into the SDLC.
Identify, analyze, and remediate vulnerabilities using industry-standard tools and methodologies.
Develop and maintain security policies, standards, and guidelines for application development.
Monitor emerging threats, vulnerabilities, and security technologies to ensure proactive protection.
Provide guidance and training to developers on secure coding practices.
Participate in incident response activities related to application-level threats.
Prepare detailed security reports and documentation for stakeholders and compliance purposes.
Support compliance and audit requirements related to application security.
Perform Research & Development for AI Prompt Injection Attacks, Payloads for IoT devices (byte code may be required).

Required Education & Experience

Bachelor’s Degree or higher in Computer Science, Information Security, or a related discipline
5+ years of professional experience in application security engineering in addition to educational background and internships
Strong knowledge of:
- AI, web and mobile application architectures and common vulnerabilities (e.g., OWASP Top 10). Web application and API security
- Authentication, authorization, and session management
- Encryption and secure data handling
Experience with:
- Application security testing tools (SAST, DAST, SCA, IAST)
- CI/CD pipeline integration and DevSecOps practices
- Cloud-native application security (AWS, Azure, or GCP)
Hands-on experience with security tools such as Burp Suite, OWASP ZAP, SAST/DAST scanners, and similar.
Familiarity with secure coding practices in languages such as Java, C#, Python, or JavaScript.
Professional security certifications such as CSSLP, CISSP, CEH, GWA