Application Security Engineer jobs in United States

Stefanini North America and APAC · 2 days ago

Application Security Engineer

Stefanini Group is a global provider of outsourcing and IT consulting services. They are seeking an Application Security Engineer to lead penetration-testing engagements for web applications and APIs, conduct threat-modeling workshops, and manage security design reviews in collaboration with engineering teams.

Information Technology, Outsourcing
H1B Sponsor Likely

Responsibilities

Penetration Testing
Plan, execute, and document manual and tool-assisted tests for enterprise-scale web apps and REST/GraphQL/gRPC APIs
Demonstrate exploitation paths (auth / logic / data exposure) and develop proofs-of-concept
Retest remediations and deliver clear, prioritized reports
Threat Modeling & Security Design Review
Facilitate formal and informal Threat Modeling using STRIDE-like frameworks or Attack-Tree sessions for new or significantly modified services
Produce risk artefacts, recommend mitigations, and track closure of findings
Security Engineering & Advocacy
Champion secure-by-default patterns (least privilege, IaC hardening, SDL best practices) across the SDLC
Contribute to internal security tooling and CI/CD guardrails

Qualification

Penetration Testing, Burp Suite Pro, Python, STRIDE Framework, Cloud-native Environments, Offensive-security Certifications, Secure Coding, Communication Skills, Detail-oriented, Self-driven, Team Player

Required

Bachelor's degree in Computer Science, Engineering, or equivalent practical experience
4+ years in product or application security engineering with hands-on web/API penetration-testing work
Expertise with a leading pentest platform (Burp Suite Pro, OWASP ZAP, Nuclei, etc.)
Scripting/automation ability in Python, Go, or similar; quick at reading unfamiliar codebases
Practical experience with STRIDE or comparable threat-model frameworks
Familiarity with cloud-native environments (microservices, Kubernetes, serverless)
Communication: Exceptional written and verbal skills for both technical and non-technical audiences

Preferred

Offensive-security certifications (OSCP, OSWE, OSWA, BSCP)
Secure-coding experience in languages such as: Java, Node.js, C#, Python, or Rust
Experience in security controls for cloud platforms such as AWS, Azure, or Google Cloud
Open-source contributions, bug-bounty recognitions, or CTF placements
Exposure to mobile or desktop application security
Knowledge of or interest in AI security controls and testing

Company

Stefanini North America and APAC

Global Tech Consulting Company All in One. Stefanini is a Brazilian multinational company with 37 years of experience and presence in 41 countries.

H1B Sponsorship

Stefanini North America and APAC has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Trends of Total Sponsorships
2025 (13)
2024 (11)
2023 (13)
2022 (18)
2021 (14)
2020 (12)

Funding

Current Stage
Late Stage

Leadership Team

Spencer Gracias
CEO, North America/APAC
David Gawenda
Chief Operating Officer NA/APAC Region
Company data provided by crunchbase