EnerSys · 6 hours ago
Application Security Engineer
Reading, PA
Full-time
Onsite
Senior Level
5+ years expEnerSys is a global leader in stored energy solutions for industrial applications, and they are seeking an Application Security Engineer to enhance the security of their applications and development processes. The role involves collaborating with software engineers and DevOps teams to integrate security into the software development lifecycle and ensuring compliance with cybersecurity frameworks.
Telecom & CommunicationsEnergyTransportationManufacturingRenewable EnergyTelecommunications
Responsibilities
Serve as a primary liaison between the Cybersecurity and development teams, ensuring security is integrated into design, development, deployment, and operations
Conduct application security assessments, code reviews, API testing, threat modeling, and penetration testing to identify vulnerabilities
Define, maintain, and enforce secure coding standards, patterns, and best practices
Integrate and manage security tooling within CI/CD pipelines, including SAST, DAST, SCA, IaC scanning, and container security solutions
Support secure architecture reviews for cloud‑native applications, microservices, and containerized workloads
Support threat modeling, risk assessments, and security architecture reviews for applications
Ensure that all security practices meet regulatory and compliance requirements
Develop and deliver cybersecurity training programs for development teams to promote awareness and adherence to best practices
Ensure application security practices align with regulatory and compliance frameworks (e.g., NIST CSF, ISO 27001, IEC 62443)
Keep up to date on emerging threats, incorporating threat intelligence into security practices and providing proactive defenses
Monitor and respond to application security threats, incidents and vulnerabilities
Stay up to date on regulatory developments and industry trends
Manage and maintain third-party vendor and consultant relationships
Perform other duties as assigned
Qualification
Required
Must have an active passport and be willing to travel internationally
5+ years of experience in Information Security, with at least 3 years focused on application security, secure development, or DevSecOps
Strong understanding of OWASP Top 10, OWASP ASVS, SANS Top 25, and secure SDLC methodologies
Hands-on experience with application security testing tools (e.g., Burp Suite, Fortify, Checkmarx, Veracode, Fortify, ZAP.)
Experience with threat modeling, penetration testing, and secure software development practices
Practical experience with cloud platforms (AWS or Azure) and cloud-native security controls
Familiarity with Kubernetes security, container hardening, and runtime protection
Experience conducting threat modeling, penetration testing, and secure architecture reviews
Strong communication skills with the ability to influence and collaborate across technical and non-technical teams
Preferred
A degree in a technical field (Computer Science, Information Systems, or Cybersecurity) is preferred but not required
Relevant certifications (e.g., CISSP, CSSLP, OSCP, GWAPT, CEH, GIAC Cloud Security) other relevant certifications is preferred
Company
EnerSys
EnerSys is the global leader in stored energy solutions for industrial applications. We complement our extensive line of motive power,
5001-10000 employees
H1B Sponsorship
EnerSys has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (1)
2023 (1)
2022 (2)
Funding
Current Stage
Public CompanyTotal Funding
$499MKey Investors
US Department of Energy
2025-01-17Grant· $199M
2024-01-04Post Ipo Debt· $300M
2004-07-30IPO
Leadership Team
Mark Matthews
President, Specialty Global
Recent News
Morningstar.com
2026-02-04
2026-01-11
Company data provided by crunchbase