Role Summary

We are seeking a Senior Application Security Engineer to solve complex application security challenges and embed security early in the software development lifecycle. This role requires strong technical expertise in modern security practices and tools, with the ability to work independently and drive secure development initiatives across diverse technology stacks.

Key Responsibilities

• Implement and optimize security controls in CI/CD pipelines, including SAST, SCA, SBOM validation, IaC scanning, and secrets management.
• Develop automation for security tools and processes to reduce manual effort and improve scalability.
• Collaborate with engineering teams to remediate vulnerabilities and enforce secure coding practices.
• Ensure compliance with security standards by integrating advanced tools and frameworks into development workflows.
• Contribute to initiatives such as secure pipeline design, artifact scanning, and API security validation.

Required Qualifications

• 7+ years of experience in Application Security or Secure Software Development.
• Strong expertise in SAST, SCA, SBOM, IaC scanning, and secrets management.
• Hands-on experience with industry-leading tools such as:
  • SAST: Checkmarx, Veracode, SonarQube
  • SCA: Black Duck, Snyk, Mend
  • Secrets Management: Delinea, HashiCorp Vault
  • IaC Security: Trivy, Checkov
  • CI/CD: Jenkins, GitHub Actions, GitLab CI
• Proficiency in one or more programming languages (Java, Python, JavaScript).
• Solid understanding of OWASP Top 10 and secure coding principles.

Preferred Skills

• Experience with container security and cloud-native environments (AWS, Azure).
• Familiarity with SBOM standards and API security frameworks.
• Certifications such as OSCP, CEH, or CSSLP are a plus.

At CDK, we believe inclusion and diversity are essential in inspiring meaningful connections to our people, customers and communities. We are open, curious and encourage different views, so that everyone can be their best selves and make an impact.

CDK is an Equal Opportunity Employer committed to creating an inclusive workforce where everyone is valued. Qualified applicants will receive consideration for employment without regard to race, color, creed, ancestry, national origin, gender, sexual orientation, gender identity, gender expression, marital status, creed or religion, age, disability (including pregnancy), results of genetic testing, service in the military, veteran status or any other category protected by law.

Applicants for employment in the US must be authorized to work in the US.  CDK may offer employer visa sponsorship to applicants.