Application Security Engineer - Public Trust/Secret Clearance jobs in United States

Tomorrow · 9 hours ago

Application Security Engineer - Public Trust/Secret Clearance

Tomorrow is a company focused on information technology, and they are seeking an Application Security Engineer to support the secure development and testing of applications. This role involves implementing security controls, conducting application security testing, and ensuring compliance with federal standards in a remote environment.

Banking, Finance, Financial Services, Personal Finance
No H1B · Security Clearance Required

Responsibilities

Support Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and IDE Plug-in environments using Veracode and Burp Suite
Design and implement enterprise-wide security controls to secure applications, systems, networks, or infrastructure services
Secure enterprise web applications, with a focus on mitigating OWASP Top 10 risks, CVSS scoring, CWE, WASC, and SANS Top 25 vulnerabilities
Integrate security practices into development workflows using IDEs such as Eclipse, JDeveloper (including pipeline development), or Visual Studio
Perform application security testing and automation using tools such as OWASP ZAP, Burp Proxy, Selenium, and Interactive Application Security Testing (IAST) capabilities
Write and maintain bash scripts to support security automation, testing, and troubleshooting tasks
Participate in vulnerability discovery, triage, and remediation processes, including crowdsourced security programs via platforms like HackerOne
Work in Linux or UNIX environments, including navigating file systems and troubleshooting basic website connectivity and security issues
Ensure applications and security practices align with federal compliance standards, including NIST 800-53, FIPS, or FedRAMP

Qualification

Application Security Testing, Vulnerability Management, Secure Coding Practices, SAST, DAST, OWASP Top 10, Linux/UNIX Environments, Bash Scripting, Collaboration with Development Teams, NIST Compliance

Required

Support Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and IDE Plug-in environments using Veracode and Burp Suite
Design and implement enterprise-wide security controls to secure applications, systems, networks, or infrastructure services
Secure enterprise web applications, with a focus on mitigating OWASP Top 10 risks, CVSS scoring, CWE, WASC, and SANS Top 25 vulnerabilities
Integrate security practices into development workflows using IDEs such as Eclipse, JDeveloper (including pipeline development), or Visual Studio
Perform application security testing and automation using tools such as OWASP ZAP, Burp Proxy, Selenium, and Interactive Application Security Testing (IAST) capabilities
Write and maintain bash scripts to support security automation, testing, and troubleshooting tasks
Participate in vulnerability discovery, triage, and remediation processes, including crowdsourced security programs via platforms like HackerOne
Work in Linux or UNIX environments, including navigating file systems and troubleshooting basic website connectivity and security issues
Ensure applications and security practices align with federal compliance standards, including NIST 800-53, FIPS, or FedRAMP

Preferred

Clearance: Public Trust, Secret Clearance preferred

Company

Tomorrow

Sustainable banking. Green Finance. A bank that funds and promotes Renewable Energy, Solar Power, Wind Power and sustainable agriculture.

Funding

Current Stage: Growth Stage
Total Funding: $34.76M
Key Investors: ABACON
2024-10-21 · Series Unknown · $5.41M
2021-10-20 · Equity Crowdfunding · $9.32M
2021-09-16 · Series Unknown · $16.48M

Leadership Team

Inas Nureldin, Founder and CEO
Jakob Berndt, Co-Founder & Co-CEO
Company data provided by Crunchbase