Application Security Engineer

Day to Day:

Insight Global is looking for an Application Security Engineer for one of our top clients in the Sacramento market. This role is responsible for supporting DAST, SAST, repository, and vulnerability management tools in a production environment. The candidate will collaborate with internal teams and external partners to test applications and websites for security and performance. They will assist with onboarding developers, support organizational change management (OCM) efforts, and provide training on secure development tools and processes. The role requires close coordination with the Cyber GRC team to ensure cybersecurity policies and standards are effectively communicated and implemented. Candidates must have senior-level experience in DevOps, DevSecOps, SDLC, and advanced orchestration/versioning tools. Strong production experience with 5GL programming languages, SQL, and NoSQL databases is essential, along with expertise in LLM development and penetration testing. A deep understanding of state and federal healthcare privacy laws (including HIPAA, FDA, and CMS), and experience applying NIST, FIPS, and OWASP standards in healthcare environments is required. The ideal candidate will also possess senior-level knowledge of ethical hacking and open-source software licensing. Strong soft skills are essential, including the ability to build relationships across all organizational levels, present complex topics to diverse audiences, and document policies and procedures clearly.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.

Must Haves:
• 10+ years of cybersecurity experience (looking for consultant/SR manager level)
o DevOps, DevSecOps and SDLC experience
o DAST, SAST, Repository and Vulnerability tools experience building, implementing, and supporting in production at a senior level.
• Production experience in developing code with a 5GL language.
• Senior level knowledge of the NIST standards defined in 800-53, 800-171, FIPS 199 and FIPS 200 as applied to a healthcare environment.
• Senior level knowledge of OWASP and the OWASP secure software development methodology

Plusses:
• Experience administering or teaching Portswigger
• Experience administering or teaching Burp Suite

$70/hr to $85/hr.
Exact compensation may vary based on several factors, including skills, experience, and education.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.