TL;DR

Application Security Engineer (Cybersecurity): Supporting application security through security testing, vulnerability management, secure design collaboration, automation, and incident response. Focus on integrating security into CI/CD pipelines, conducting security assessments, and collaborating with developers on secure coding practices.

Location: Onsite in Arlington, United States

Company

Bloomberg Industry Group is a leading source of legal, tax, regulatory, government, and business information for professionals.

What you will do

  • Participate in application security practices including SAST, DAST, SCA, and penetration testing.
  • Support vulnerability management processes.
  • Develop, deploy, and automate security tools and processes.
  • Collaborate with software engineers to design and review security features.
  • Support security incident identification and resolution as part of the incident response team.
  • Stay updated on emerging security trends and tools.

Requirements

  • Location: Must be based in the United States
  • Basic knowledge of security principles and best practices.
  • Familiarity with programming languages such as Python, Java, or JavaScript.
  • 0-2 years of relevant experience or equivalent education.
  • Exposure to security testing tools like SAST, DAST, SCA, or vulnerability management platforms.
  • Ambition to grow into AI Security and Security Engineering.

Nice to have

  • Certifications like CompTIA Security+, Pentest+, or Certified DevSecOps Professional.
  • Experience with CI/CD pipelines (GitLab, GitHub Actions, Jenkins).
  • Experience with cloud environments such as AWS.
  • Secure coding or code review experience.
  • Participation in security communities or CTF events.

Culture & Benefits

  • Equal opportunity employer with a strong non-discrimination policy.
  • Supportive environment for learning and growth in application security.