Net2Source (N2S) · 12 hours ago
Junior Application Security Specialist
Net2Source (N2S) is seeking a Junior Application Security Specialist to support the design, implementation, and continuous improvement of Application Security and DevSecOps practices. This role involves working closely with DevOps, engineering, and IT stakeholders to embed security into the software development lifecycle using modern automation and secure coding standards.
Responsibilities
Support the adoption of Application Security and DevSecOps automation, helping to drive consistent security practices across development teams
Assist in developing and promoting best practices for DevSecOps and secure CI/CD, ensuring security controls are integrated into pipelines and development workflows
Help stay current on emerging security tools, techniques, and processes, and contribute ideas to drive innovation and process maturity in the application security program
Work with DevOps teams and managers to train and educate product and engineering teams on information security concepts and standards (e.g., OWASP ASVS, OWASP Top 10)
Help create and maintain training materials, documentation, and guidance to support secure development practices
Participate in threat modeling and design reviews to assess security implications of new features, architectures, and code deployments
Assist in identifying potential threats, attack vectors, and abuse cases, and in documenting recommended mitigations
Use and help operate code scanning tools and technologies such as SAST, SCA, IaC scanning, secrets scanning, and DAST as part of the secure SDLC
Triage SAST/SCA findings by:
Validating vulnerabilities in code (primarily Python and JavaScript)
Mapping issues to relevant items in the OWASP Top 10
Providing clear, actionable mitigation guidance to engineering teams and developers
Collaborate with teams to track, measure, and communicate the quality and effectiveness of risk management processes and controls applicable to IT and application security
Apply a working understanding of how code is deployed into cloud environments such as AWS and Azure
Support reviews of Infrastructure as Code (IaC) (e.g., Terraform) for security misconfigurations and compliance with internal standards and best practices
Use Python scripting to automate repetitive tasks, integrate security tools, and support DevSecOps workflows
Work with DevOps tooling such as Docker, Terraform, and Git-based platforms (GitLab / GitHub) to ensure security is integrated into build, deployment, and runtime environments
Maintain a good understanding of current and emerging cybersecurity and privacy regulations and practices, and how leading enterprises are employing them
Support efforts to explain regulatory and policy requirements to IT and engineering stakeholders in clear, practical terms
Assist in tracking and communicating key metrics that reflect the effectiveness of risk management processes, controls, and security initiatives
Deliver or support presentations to IT and business representatives on security technologies, DevSecOps practices, and industry trends
Communicate clearly and professionally with diverse stakeholders, helping balance security, business, and delivery priorities
Help build consensus across teams, supporting decision-making for security initiatives and gaining buy-in from relevant stakeholders
Qualifications
Required
Bachelor's degree in Computer Science, Information Security, Engineering, or a related field, or equivalent practical experience
Hands-on exposure (academic, project, or professional) to: Application security concepts and secure coding practices
Code scanning tools and techniques such as SAST, SCA, IaC scanning, secrets scanning, and DAST
Practical experience (coursework, labs, or professional) with at least some of: Python for scripting and automation
DevOps tooling such as Docker, Terraform, GitLab and/or GitHub
Deploying or working with applications in cloud environments (AWS, Azure, etc.)
Familiarity with OWASP ASVS and the OWASP Top 10 and how these apply to real-world web or API applications
Good understanding of: Secure software development lifecycle (SSDLC) concepts
Modern CI/CD pipelines and DevSecOps practices
Application security testing approaches (static, dynamic, dependency, and IaC scanning)
Strong knowledge of Office productivity tools, mobile apps, and common IT capabilities expected in a modern IT environment
Strong analytical and technical skills, including the ability to understand complex systems, analyze vulnerabilities, and propose practical solutions
Excellent verbal and written communication skills, including the ability to: Explain technical and regulatory concepts to non-security stakeholders
Prepare clear documentation, reports, and presentations
Strong soft and interpersonal skills, including: Teamwork and collaboration
Facilitation and negotiation to reconcile different interests within the organization
Demonstrated planning and organizational skills, with the ability to prioritize tasks and handle multiple workstreams
Strong business acumen, including an interest in learning the specific industry/domain and how security supports business objectives
Ability to build consensus and support decisions that balance risk, cost, and business value
Strong leadership potential and influence skills appropriate to a junior role—showing initiative, ownership, and the ability to positively influence peers
Strong sense of ethics, integrity, and personal accountability, with a willingness to “go the extra mile” to achieve important security and business goals
Preferred
Industry certifications or progress toward certifications (e.g., Security+, SSCP, CCSK, or entry-level cloud or DevOps certifications)
Experience participating in security communities, CTFs, open-source projects, or internal security initiatives
Exposure to risk frameworks, security maturity models, or formal governance processes (e.g., OpenSAMM, NIST CSF, ISO 27001)
Company
Net2Source (N2S)
Net2Source (N2S) is a minority-owned global workforce solutions company recognized by SIA as the largest and fastest-growing Total Talent Solutions provider, with a presence in 34 countries and in-house Glo-Cal (global and local) teams to support our clients.
H1B Sponsorship
Net2Source (N2S) has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for reference. (Data powered by the US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship. Legend: represents job field similar to this job]
Trends of Total Sponsorships
2025 (3)
2024 (7)
2022 (8)
2021 (10)
2020 (25)
Funding
Current Stage
Late Stage
Company data provided by Crunchbase