Job Information
Insight Global Application Security Engineer in New York, New York
Job Description
Insight Global is seeking an Application Security Engineer to join the team with one of our financial services clients located in New York City. This person will be responsible to:
-Integrate and configure application security and observability tools, with heavy focus on SIEM and Contrast‑type platforms
-Partner with development teams to embed security scanning into GitLab CI/CD pipelines
-Implement and manage SAST, DAST, and IAST tooling across applications
-Drive vulnerability remediation, tracking findings from detection through resolution
-Perform security assessments of APIs, microservices, and web applications
-Build light security automation for integrations, monitoring, and incident response (Python/Java)
-Configure and maintain SIEM use cases, security monitoring, and compliance reporting
-Support cloud migration efforts by ensuring applications meet security standards
-Develop and maintain security runbooks, standards, and best practices
-Provide guidance on secure coding practices and application threat modeling
-Collaborate closely with InfoSec, DevOps, and engineering teams to implement defense‑in‑depth strategies
-Spend the majority of time on security integration and vulnerability management, with limited (10–15%) hands‑on development
We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Skills and Requirements
-5+ years in Application Security, DevSecOps, or Security Engineering, ideally within financial services or regulated environments
-Strong understanding of software development (former full‑stack or backend developer) with ability to work across .NET, Java, and Python–based systems
-Hands‑on experience integrating security tools into enterprise applications and CI/CD pipelines (GitLab)
-Proven experience with SIEM tools (Sumologic or equivalent) and vulnerability remediation workflows
-Solid knowledge of application security fundamentals (OWASP Top 10, APIs, web apps, microservices)
-Ability to collaborate across InfoSec, DevOps, and engineering teams, balancing security and business needs -Direct experience with Contrast Security or similar AppSec platforms (Veracode, Checkmarx, Snyk)
-Advanced SIEM experience (Cloud SIEM, dashboards, security analytics)
-Experience with security automation (light Python/Java), DevSecOps, or shift‑left practices
-Cloud security experience (Azure), including IaC, secrets management, or API security
-Background in full‑stack development with frontend security knowledge (XSS, CSP, CORS)