Apply on Employer Site

Dotdash Meredith · 3 hours ago

Application Security Engineer

United States

Full-time

Remote

Entry, Mid Level

$115K/yr - $135K/yr

2+ years exp

Dotdash Meredith is seeking an Application Security Engineer to enhance security practices across their software development lifecycle. The role involves supporting development teams, managing vulnerabilities, and integrating security solutions into the SDLC process.

AdvertisingDigital MediaPrinting

Responsibilities

Function as a subject matter expert for security solutions within the organization’s platform

Integrate security solutions into the SDLC process

Work with development teams to improve the security of CI/CD processes by ensuring version control for source code, scanning code for vulnerabilities in the build pipeline, and ensuring public/private repositories are trusted and secure

Design and develop coding standards across infrastructure, application, and data security, building out guidelines and standards to drive a standardized set of security requirements that align with internal policies and meet external compliance/regulatory requirements

Help evolve application security functions and services

Prioritize, triage and remediate vulnerabilities and findings from security scans and bug bounty programs

Review security test results from vulnerability scans and penetration tests and propose appropriate remediation measures or mitigation controls, conduct a remediation plan and supervise its progress

Improve and support application security tool deployments including static analysis, dynamic testing and software composition analysis tools

Conduct security code reviews for various languages and frameworks of web and mobile applications

Identify security exposures and develop mitigation plans

Investigate and report vulnerabilities in systems and platforms

Assess the application threat landscape through threat modeling and architecture reviews

Develop metrics and reporting on the posture of the application security program

Qualification

Application Security ToolingVulnerability ManagementSDLC Best PracticesDevelopment in JavaDevelopment in PythonDevelopment in JavaScriptThreat ModelingStatic Code AnalysisPenetration TestingMultitaskingAttention to DetailCommunication SkillsTeam Collaboration

Required

Bachelor's degree in Business, Management, Information Systems, OR equivalent professional experience

2+ years experience in a security technical role or software development

Experience with application security tooling and processes, including code review, static code analysis, penetration testing, risk management, etc

Experience with data encryption, cryptography and encryption key management

Experience with configuration management and DevOps practices to ensure security is built into the SDLC process

Development experience in Java, JavaScript and Python

Scripting and automation experience using RESTful APIs

Knowledge of SANS/CWE Top 25, OWASP Top 10 Application Security principals

Strong knowledge and experience in implementing SDLC best practices

Knowledge with Git and version control best practices

Ability to innovate and find creative solutions that balance business needs with security needs

Familiarity with application layer assessment tools, such as local proxies and fuzzers

Familiarity with threat modeling and security design review methodologies

Solid understanding of OSI model, TCP/IP, HTTP and TLS

Knowledge of C.I.A. (confidentiality, integrity, availability) security principles and D.I.E. (distributed, immutable and ephemeral) security model

Passion for application security and continuous learning

Able to concisely communicate security risks to both technical and business audiences

Attention to detail

Ability to work independently, and as part of a team

Ability to multitask and prioritize work effectively

Benefits

Medical

Dental

Vision

Prescription drug coverage

Unlimited paid time off (PTO)

Adoption or surrogate assistance

Donation matching

Tuition reimbursement

Basic life insurance

Basic accidental death & dismemberment

Supplemental life insurance

Supplemental accident insurance

Commuter benefits

Short term and long term disability

Health savings and flexible spending accounts

Family care benefits

A generous 401K savings plan with a company match program

10-12 paid holidays annually

Generous paid parental leave (birthing and non-birthing parents)

Voluntary benefits such as pet insurance

Accident

Critical and hospital indemnity health insurance coverage

Life and disability insurance

Company

Dotdash Meredith

Glassdoor3.6

Dotdash Meredith is a digital and print media company that reaches a vast audience through its diverse portfolio of iconic brands.

Founded in 2021

New York, New York, USA

1001-5000 employees

https://www.dotdashmeredith.com/

Funding

Current Stage

Late Stage

Total Funding

$400M

2025-06-05Debt Financing· $400M

Leadership Team

Neil Vogel

CEO

Tim Quinn

CFO

Recent News

Beyond Bylines

2025 in Review: A Media News Recap

2026-01-11

Digiday

Media Briefing: The top trends in the media industry for 2025

2025-12-19

digitalmediawire.com

CareerMAGNATE Featured Job Listings: Riot Games, Tubi, A24, Insomniac, TikTok

2025-10-03

Company data provided by crunchbase