Phaxis

Application Security Engineer - to 120k

Phaxis, Charlotte, North Carolina, United States, 28245

Application Security Engineer (ISO 27001 Focus) - to 120k

This range is provided by Phaxis. Your actual pay will be based on your skills and experience; talk with your recruiter to learn more.

Base pay range: $110,000.00/yr - $120,000.00/yr

Additional compensation types: Annual Bonus

Seeking 110k to 120k

We are seeking an experienced Application Security Engineer to help secure our software products and development lifecycle, with a strong emphasis on ISO 27001 compliance. In this role, you will work closely with engineering, DevOps, and compliance teams to ensure security is integrated into every phase of the software development lifecycle (SDLC), while supporting ongoing audit and governance efforts.

Key Responsibilities:

- Embed secure coding practices and threat mitigation strategies across the SDLC through developer enablement, code reviews, and architectural input.
- Perform application risk assessments, threat modeling (e.g., STRIDE), and design reviews to proactively identify and reduce vulnerabilities.
- Integrate security tools into CI/CD pipelines (e.g., SAST, DAST, SCA) to enable continuous security scanning and automated policy enforcement.
- Support internal and external ISO 27001 audits, producing technical documentation, security controls evidence, and audit responses.
- Collaborate with risk, compliance, and IT teams to align application security practices with broader information security frameworks and regulatory requirements (e.g., SOC 2, GDPR, HIPAA, FDA).
- Track, triage, and remediate vulnerabilities discovered through internal testing or reported via bug bounty programs.
- Contribute to security awareness initiatives and training sessions tailored for software engineers and DevOps personnel.

Qualifications:

Required:

- 3+ years of experience in Application Security, DevSecOps, or related role
- Strong knowledge of secure coding practices, OWASP Top 10, and threat modeling
- Familiarity with ISO 27001 controls, audit preparation, and compliance documentation
- Hands-on experience with security tools such as Snyk, Veracode, Checkmarx, or similar
- Experience working with CI/CD pipelines and cloud-native environments (e.g., GitHub Actions, GitLab CI, Azure DevOps)

Preferred:

- ISO 27001 Lead Implementer or Lead Auditor certification
- Experience with SBOM formats (CycloneDX, SPDX) and dependency management
- Familiarity with FDA or SaMD regulatory requirements
- Bachelor's degree in Computer Science, Cybersecurity, or related field
- Experience with Kubernetes, container security, and cloud security best practices (AWS, Azure, or GCP)

Seniority level: Director

Employment type: Full-time

Job function: Information Technology

Industries: Hospitals and Health Care

Benefits (inferred from the description for this job): Medical insurance, Vision insurance, 401(k)