SciTec · 12 hours ago
Application Security Engineer
Boulder, CO
Full-time
Onsite
Entry, Mid Level
$96K/yr - $146K/yr
2+ years expSciTec is a dynamic small business focused on advanced sensor data processing technologies and scientific instrumentation for National Security and Defense. They are seeking an Application Security Engineer to identify, analyze, and mitigate application-level vulnerabilities, collaborating closely with software engineers to embed security into the development lifecycle.
AerospaceConsultingInformation Technology
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Perform application security analysis using both automated and manual techniques, including:
Static code analysis (SAST)
Software composition analysis (SCA)
Fuzzing
Manual code and design reviews
Identify, analyze, and help remediate application vulnerabilities
Support software engineers in integrating security considerations into system and application designs
Integrate and maintain application security tooling within CI/CD and DevSecOps pipelines
Design, implement, and improve continuous integration security analysis tooling
Tune and maintain security tools to reduce false positives and improve signal quality
Assist development teams in understanding findings and implementing effective fixes
Support threat modeling and secure design reviews
Stay current with emerging vulnerabilities, attack techniques, and mitigation strategies
Document findings, recommendations, and best practices
Perform other duties as assigned
Qualification
Required
Bachelor's degree plus 2+ years of professional experience in cybersecurity or software development, or equivalent experience
2+ years of experience focused on application/software security
Experience analyzing source code for security flaws
Familiarity with secure software development practices
Strong analytical, problem-solving, and communication skills
Detail-oriented with strong written and verbal communication abilities
Ability to qualify for and maintain a DoD or DoE Secret security clearance
Ability to meet DoD 8140.01 Cyberspace Workforce Management requirements within six months of hire
Good verbal and written communication skills
Attention to detail
Preferred
Active DoD Secret clearance or higher
Experience identifying, exploiting, and remediating application vulnerabilities
Credit for published CVEs is a strong plus
Proficiency in one or more programming languages such as C++, Python, JavaScript, Rust
Experience configuring and operating static analysis tools (e.g., Coverity, Klocwork, SonarQube)
Experience configuring and operating software composition analysis tools (e.g., Snyk, Sonatype, Anchore, JFrog Xray)
Experience with fuzzing frameworks (AFL, AFL++, honggfuzz, or similar)
Experience with debugging, runtime instrumentation, or reverse engineering, including tools such as: strace, eBPF, Ghidra or IDA Pro
Familiarity with threat modeling methodologies and frameworks such as MITRE ATT&CK
Experience working in DevSecOps or Agile development environments
Benefits
4% Safe Harbor 401(k) match
100% company paid HSA Medical insurance, with a choice of 2 buy-up options
80% company paid Dental insurance
100% company paid Vision insurance
100% company paid Life insurance
100% company paid Long-term Disability insurance
100% company paid Hospital Indemnity insurance
Voluntary Accident and Critical Illness insurance
Short-term Disability insurance
Annual Profit-Sharing Plan
Discretionary Performance Bonus
Paid Parental Leave
Generous Paid Time Off, including Holiday, Vacation, and Sick Pay
Flexible Work Hours
Company
SciTec
The world brings ever-evolving challenges; SciTec builds solutions.
201-500 employees
Funding
Current Stage
Growth StageTotal Funding
unknown2025-10-05Acquired
Leadership Team
David Simenc
President
Recent News
Tech Startups - Startups and Technology news
2025-10-07
2025-09-05
Company data provided by crunchbase